Lead Specialist - Customer Security Assurance

SITA

KEY RESPONSIBILITIES

Own and drive customer security assurance activities across delivery, transition, and operations in line with SITA, customer, and regulatory mandates.

Orchestrate VAPT activities in line with SITA, customer, and regulatory mandates; ensure remediation tracking and escalation of overdue items.

Provide delivery and transition security support, including responses to security requests, assessments, and solution security deliverables.

Orchestrate and support audits, assessments, and certifications, ensuring readiness, contextualization of findings, evidence preparation, and remediation follow-up.

Define and manage security training and awareness programs; coordinate content with SMEs, drive adoption, and measure effectiveness.

Act as customer-facing and regulator-facing focal point for security interactions, engaging relevant SITA SMEs as needed.

Provide structured feedback to internal stakeholders to drive alignment, strengthen assurance, and support continuous improvement.

Qualifications EXPERIENCE

6-8 years experience in IT service delivery/operations; exposure to the Air Transport Industry is a plus.

Strong knowledge of information security standards and frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001/27002/27017, PCI-DSS, FIPS PUB 199/200).

Excellent ability to communicate complex cybersecurity concepts clearly and effectively.

Customer-oriented with strong ownership, problem-solving, and service commitment.

Ability to work under pressure, prioritize multiple tasks, and maintain a risk-driven mindset.

Up-to-date knowledge of cybersecurity standards, frameworks, and threat landscape.

Strong oral, written, and presentation skills in Arabic & English.

This opportunity is open to Saudi nationals or Saudi residents.

KEY SKILLS

Communication: Clear, concise, and effective at all organizational levels.

Stakeholder Management: Proven ability to build strong relationships and influence senior stakeholders.

PROFESSION COMPETENCIES

Customer Security Assurance (mandates, audits, assessments, SLAs)

Audit/Assessment/Certification Management

Security Risk Assessment

Vulnerability Assessments and Penetration Testing (VAPT)

Cybersecurity Frameworks (e.g., ISO 27001, NIST 800-53, PCI DSS)

Delivery & Transition Security (secure assessments, solution deliverables, security plans)

Cloud & Platform Security Fundamentals

Security Training & Awareness Enablement

Metrics & Reporting (KPIs, KRIs, dashboards, executive reporting)

RFP/RFI & Customer Security Requirements Management

Change & Configuration Management (security sign-offs, deviations, remediation rollouts)

Security Documentation

CORE COMPETENCIES

Adhering to Principles & Values

Customer Focus & Service Orientation

Effective Communication

Impact & Influence

Teamwork & Collaboration

Leading Execution & Managing Performance

Results Orientation & Continuous Improvement

Creating & Innovating

EDUCATION & QUALIFICATIONS

Bachelor s degree in Cybersecurity, Computer Science, Information Systems, or equivalent.

Recognized professional qualifications (cybersecurity certifications) desirable (e.g., CompTIA Security+, CISSP, CISM, ISO 27001 LA).