Head of Security
Salla
Role Purpose
As Head of Security at Salla, you are the most senior security authority at Salla. You set the strategy, build the team, and own the controls that keep our platform, our people, and our merchants safe. You translate risk into business language for the executive team and the Board, and you make security a competitive advantage rather than a constraint. You will lead end to end across every security domain and represent Salla's security posture to auditors, regulators, partners, and customers.
Please note that we are looking for Saudi Nationals only for this role.
Key Responsibilities
Security Strategy & Leadership
- Own and evolve the enterprise security strategy, roadmap, and operating model across cloud, network, endpoint, physical, and GRC, aligned to Salla's growth and public‑listing readiness.
- Act as the organization's principal security advisor; brief the executive team and the Board on cyber risk posture, investment priorities, and regulatory exposure.
- Define and steward the security budget, headcount plan, and tooling portfolio; drive measurable return on security investment.
- Establish security KPIs, OKRs, and a metrics‑driven reporting cadence for leadership and audit committees.
Cloud Security
- Lead cloud security across the platform, including landing‑zone hardening, network segmentation, secrets management, and workload protection (AWS strongly preferred).
- Govern Infrastructure‑as‑Code security, container and Kubernetes security (image scanning, admission control, runtime protection), and CI/CD pipeline integrity.
- Drive Cloud Security Posture Management, workload protection, and continuous compliance against recognized cloud control frameworks and CIS benchmarks.
- Partner with SRE and Platform Engineering to embed secure‑by‑default guardrails that protect velocity rather than slow it.
Network Security
- Own network security architecture, including edge protection, DDoS mitigation, web application firewall, segmentation, and zero‑trust network access.
- Govern the CDN and edge security stack, bot management, rate limiting, and origin lockdown for high‑traffic, merchant‑facing services.
- Oversee secure connectivity, private connectivity, VPN, and DNS security.
Endpoint Security
- Lead endpoint protection across corporate and engineering fleets, including EDR/XDR, device hardening, mobile device management, and disk encryption.
- Run a continuous vulnerability and patch management program with clear remediation SLAs.
- Define and enforce endpoint baselines and data loss prevention controls.
Physical & Facility Security
- Own physical security for Salla's offices and facilities in Makkah and other sites, including access control, CCTV, visitor management, and environmental controls.
- Align physical and logical access policies; govern physical access to sensitive areas and equipment.
- Coordinate with Facilities, HR, and local authorities on safety, badging, and on‑site incident response.
Identity & Access Management (Zero Trust)
- Lead IAM strategy across cloud and corporate systems, including single sign‑on, multi‑factor authentication, privileged access management, and least‑privilege enforcement.
- Automate joiner, mover, and leaver workflows and run periodic access recertification.
- Advance the organization toward a mature zero‑trust architecture.
Security Operations & Incident Response
- Build and run the security operations capability, including SIEM, detection engineering, threat intelligence, and continuous monitoring.
- Own the incident response lifecycle from preparation through detection, containment, eradication, recovery, and blameless post‑incident review.
- Lead tabletop exercises, red and purple teaming, and breach‑readiness drills; maintain crisis‑communication and breach‑notification playbooks.
Governance, Risk & Compliance (GRC)
- Own the GRC function and the enterprise risk register; run the risk assessment and treatment lifecycle.
- Lead certification and audit programs spanning ISO/IEC 27001, SOC 2, and PCI DSS, with alignment to the NCA Essential Cybersecurity Controls and Cloud Cybersecurity Controls, and to the SAMA Cyber Security Framework where applicable.
- Own data protection and privacy compliance under the Saudi Personal Data Protection Law and SDAIA requirements, including data inventories, processing agreements, and cross‑border transfer controls.
- Prepare Salla's security and IT‑governance posture for Tadawul listing, including controls maturity, evidence collection, and auditor readiness.
- Author, ratify, and maintain the full lifecycle of security policies, standards, and procedures.
Third‑Party & Vendor Risk
- Establish and run the third‑party risk program, including security due diligence, contractual security terms, and continuous monitoring of critical suppliers.
- Embed security requirements into procurement and vendor onboarding.
Security Awareness & Culture
- Build a company‑wide security awareness, training, and phishing‑simulation program.
- Champion a positive, blameless security culture in which security is a shared responsibility.
Team Leadership & Organization Building
- Lead, mentor, and grow a multidisciplinary security organization spanning cloud security, SecOps, GRC, and physical security.
- Set objectives, develop talent, and build the hiring plan to scale the function with the business.
- Forge cross‑functional partnerships with Engineering, SRE, IT, Legal, HR, and Finance.
Qualifications
- 12+ years in information and cyber security, including 5+ years in senior security leadership (Head of Security, Director, or CISO‑track) at a SaaS, fintech, or e‑commerce organization.
- Demonstrated ownership of security across multiple domains: cloud, network, endpoint, physical, and GRC.
- Deep hands‑on and architectural knowledge of cloud security (AWS strongly preferred), including Kubernetes and modern CI/CD.
- Proven track record building and operating security operations and incident response at scale.
- Strong GRC experience across ISO 27001, PCI DSS, GDPR and Saudi regulatory frameworks (NCA ECC and CCC, PDPL and SDAIA; SAMA CSF a plus).
- Experience leading audits and certifications, ideally including IPO or regulatory‑readiness programs.
- Excellent executive communication; able to translate technical risk into business and regulatory language for the Board.
- Bachelor's degree in Computer Science, Engineering, Information Security, or a related field.
- Willingness and eligibility to work on‑site in Makkah, Saudi Arabia.
- Cacheflow is seeking an experienced Regional Sales Manager to drive sales of its security solutions across Asia Pacific. This position requires 5-10+ years of direct sales experience in security software and a proven ability to build relationships with key stakeholders...
- ...Salla is seeking a Head of Security to develop and own the security strategy of the organization in Makkah. The candidate will lead security operations, manage compliance with regulatory frameworks, and oversee the security posture of Salla across all domains, from cloud...
- ...Client Security Expert Responsibilities # Identify client-side security risks, propose solutions, and drive their implementation. # Lead offensive and defensive exercises on mobile clients, and drive remediation of business-related risk issues. # Analyze attack...
- ...P2P is seeking a Client Security Expert in Saudi Arabia's Makkah Region. The role requires driving the implementation of client-side security solutions and optimizing security data pipelines. Applicants should have experience with AI tools and client security in Web3...
- - مطلوب فرد أمن للعمل في مجمع سكني بجدة. - يشترط نقل الكفالة مباشرة. - وأن يكون حسن السيرة والسلوك. - ملتزمًا بالصلاة وخائفًا من الله. - يفضل أن تكون الجنسية سودانية. - مع توفير الأكل وإقامة نظامية. - الرجاء قراءة الوظيفة جيدًا قبل التواصل. - للتفاصيل. -...
- ROLE OVERVIEW: To design, lead, and institutionalize a comprehensive learning and development ecosystem for family members across all stages — starting from school-age exposure, through university and early career development, and progressing toward leadership and ...
- ...Maintain and manage MIS (Management Information Systems) for all relevant processes. Ensure compliance with health, hygiene, security, safety, and fire regulations. Administrative Support Organize and manage incoming correspondence, and handle responses appropriately...
- - نحن شركة السامر العربية للخدمات البيئية نتقدم بطلب للحاجة لموظف أمن وسلامة. - تتطلب الوظيفة خبرة لا تقل عن 3 سنوات في العمل داخل المملكة العربية السعودية. - يقع موقع العمل في رابغ. - مع ضرورة الالتزام بالسيرة والسلوك الحسن والانضباط التام في العمل والتقيد بالموا...
- ...The Head of Family Integration and Development will: Create and lead a structured development ecosystem for family members from: school age university stage early career leadership/succession readiness Ensure family members are aligned with company...
- Company Description Raffles Makkah Palace promises the exceptional standards inherent in the Raffles name and enhanced by Arab hospitality values. Raffles Makkah Palace offers 219 Suites & duplex Villas with breathtaking views of the Masjid Al Haram, the Holy Ka’aba...
- ...growth opportunities we have for you and the chance to create memorable moments. We are currently seeking a Director of Sales / Head of Department to join our vibrant team. At RHG, we are in search of individuals who go beyond the resume – those with character, skills...
- ...related matters. ~Analyse HR data and create reports to support decision-making processes. The Successful Applicant A successful Head of HR Administration & Operations Department should have: ~A degree in Human Resources, Business Administration, or a related field...
- ...Technology About Our Client Our client is a well-established Financial Services organisation in Jeddah. Job Description The Head of IT Solutions and Quality will be responsible for: ~Managing budgets for the IT Solutions and Quality department ~Translating...
- Duties & Responsibilities: Leadership & Governance Lead the Asset Management Section and ensure alignment with the corporate Asset Management Strategy and ISO 55000 principles. Oversee and govern the Asset Management and Reliability Framework. Provide technical...
- The chance to contribute to the expansion of the business The opportunity to be part of a leading comapany in Saudi Arabia About Our Client Our client is a prominent sporting company in the Kingdom. Job Description ~Develop and execute the entity's overall media...
- ...Build and maintain strong relationships with external recruitment partners and agencies. The Successful Applicant A successful Head of Talent Acquisition Department should have: ~Proven expertise in human resources, particularly in talent acquisition within the...
- ~Be a part of a well-established financial services organisation in Jeddah ~Handle all matters related to information security architecture and engineering About Our Client Our client is a well-established financial services organisation in Jeddah. Job Description...
- ...Job Description We are seeking a detail-oriented and analytical Project Security and Access Control Specialist to join our organization in Jeddah, Saudi Arabia. In this role, you will be responsible for designing, implementing, and managing comprehensive security...
- ...training programmes to address them. ~Lead the design and delivery of leadership development initiatives. ~Collaborate with department heads to ensure training aligns with business needs. ~Monitor and evaluate the effectiveness of training programmes and make necessary...
- ...on architecture for accuracy, latency, scalability, and cost. Cover cloud, self-hosted, hybrid, and data residency needs. Run security and compliance threads common in APAC. Prepare crisp responses for Singapore PDPA, Japan APPI, Korea PIPA, Australia’s Privacy Act...
- ...RSAF) aircraft and the training of RSAF and Royal Saudi Naval Force personnel in a safe training environment. This role reports to the Head of Flying Typhoon and assists the RSAF squadron commander on all matters concerning Typhoon aircraft operation, continuation...
- ...(JCI) as well as all local regulatory requirements governing social care You will be reporting to The Clinic Manager and the Head of Social Care. Skills Certified Social Worker by the Saudi Commission for Health Specialties (SCFHS) Bachelor Degree in Social...
- ...mirrors, windshield wiper motors, wiper arms and blades, lights, indicators and warning devices. Practices workshop safety and security procedures within a vehicle maintenance organization. Inspects, maintains and repairs anti‑pollution, emission control and vehicle...
- ...will receive a competitive salary, rent free accommodation and access to free recreation facilities, all available within company secured accommodation. In addition, a generous leave and travel allowance makes this an opportunity not to be missed. On successfully securing...
- ...we align our capabilities to our customers' objectives to create a lasting positive impact. We serve the Infrastructure; Nuclear, Security & Environmental; Energy; Mining & Metals, and the Manufacturing and Technology markets. Our services span from initial planning and...
- ...will receive a competitive salary, rent free accommodation and access to free recreation facilities, all available within Company secured accommodation. In addition, a generous leave and travel allowance makes this an opportunity not to be missed. On successfully securing...
- ...Your expertise will guide the integration of crowd management best practices into the project's operational framework, fostering a secure and orderly environment. This position requires strong leadership skills, the ability to work collaboratively, and a thorough understanding...
- ...will receive a competitive salary, rent free accommodation and access to free recreation facilities, all available within Company secured accommodation. In addition, a generous leave and travel allowance makes this an opportunity not to be missed. On successfully securing...
- ...Systems as aTyphoon SimulatorInstructor based in Taif. This position offers the chance to continue to use your hard earned skills to secure a comfortable and rewarding lifestyle for you and your family. You will enjoy a considerable range of benefits including rent-free...
- ...inventory management. Oversee contractor performance and ensure compliance with scope, quality, and HSSE standards. Health, Safety, Security & Environment (HSSE) Ensure full compliance with HSSE policies and procedures. Manage incident reporting and response in line...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Head of Security. Be the first to apply!

