VP - Cybersecurity

The VP - Cybersecurity will be a visionary and results-driven Practice Leader (VP) to spearhead our Cybersecurity Practice at ZainTECH, responsible for the overall strategy, growth, and profitability of the practice across the MENA region, spanning Saudi Arabia, UAE, Kuwait, Bahrain, Jordan, Iraq, Egypt, and Sudan. The ideal candidate will be a recognized thought leader with a proven track record of building and scaling a successful cybersecurity advisory, managed security services, and professional services business.

They will be responsible for crafting and executing the go-to-market (GTM) strategy across the full range of cybersecurity services that ZainTECH can position to clients, forging strategic partnerships, driving the sales cycle for key accounts, and overseeing the delivery of our Security Operations Centre (SOC), advisory engagements, and turnkey cyber transformation programs across enterprise, government, and critical infrastructure clients.

Requirements:

Go-to-Market & Strategy

• Develop and execute a comprehensive GTM strategy for the Cybersecurity Practice across MENA, aligned to the full range of cybersecurity services ZainTECH can position to clients, and identifying priority market segments (banking and financial services, government and public sector, oil and gas, healthcare, telco, and large enterprise), client profiles, and competitive differentiators.
• Build and evolve a structured cybersecurity service offering portfolio combining advisory, professional services, and managed services across the following service families:
• Identity & Access Management (IAM), covering SSO, MFA, IGA, PAM, and Zero Trust Network Access
• Infrastructure & Network Security, covering next-generation firewall, anti-DDoS, segmentation, SASE, and AI-driven network threat defence
• Endpoint & Workload Security, covering EDR and XDR, vulnerability management, continuous patching, and cloud workload protection
• Application & Data Security, covering secure software development lifecycle, application security testing, API security, data protection, DLP, and encryption
• Advisory, Governance, Risk & Compliance (GRC), covering regulatory advisory, control frameworks, risk quantification, and audit readiness
• Security Operations (SOC), covering 24x7 monitoring, SIEM and SOAR, threat intelligence, threat hunting, incident response, and digital forensics

• Define and refine the consumption model for each service family, structuring offerings into tiered propositions (from foundational to premium) that allow clients to adopt capabilities progressively while creating clear upsell and cross-sell motions.
• Translate advisory outcomes into recurring managed services pipeline, ensuring each consulting engagement is designed to surface ongoing managed service opportunities wherever appropriate.
• Shape the evolution of ZainTECH's Security Operations Centre (SOC) services, including MDR, MSSP, threat intelligence, threat hunting, incident response, and digital forensics, positioning them as the regional reference in 24x7 monitoring and response.
• Drive thought leadership through publications, speaking engagements, and industry events (GISEC, Black Hat MEA, GITEX, MENA ISC, RSA) to enhance ZainTECH's brand and market presence as a trusted cybersecurity partner.
• Represent ZainTECH in regulator and industry forums engaging with bodies such as NCA and SDAIA in KSA, CST, NESA and the UAE Cyber Security Council, CITC, NCSC Kuwait, CBB, NCA Jordan, and sector regulators including SAMA, CBUAE, DFSA, and FSRA.

Business Development & Sales

• Take full ownership of the practice's revenue and profitability, meeting and exceeding assigned targets across advisory, professional services, and managed security services lines.
• Proactively identify and cultivate new business opportunities with enterprise clients, government entities, and critical national infrastructure operators, leveraging personal networks and leading the end-to-end sales cycle for strategic accounts.
• Build and nurture C-level relationships with key clients (CISOs, CIOs, CROs, CDOs, Heads of Risk and Compliance), acting as a trusted advisor on their cyber resilience, zero trust, and regulatory compliance journeys.
• Lead the development of compelling proposals, statements of work (SOWs), and commercial models for large-scale, complex engagements including SOC build and transform, SIEM and SOAR modernisation, identity and access transformation, cloud security programs, and OT cybersecurity deployments.
• Embed MEDDPIC qualification discipline across the practice pipeline and ensure rigorous opportunity scoring, forecast accuracy, and win/loss analysis.
• Partner with country Geography Leaders across the three ZainTECH clusters (Saudi Arabia, Other GCC, Egypt and Jordan) to localise the GTM motion and ensure coverage against named accounts.

Partnerships & Alliance Management

• Identify, cultivate, and manage strategic partnerships with leading cybersecurity technology vendors across platform, detection, identity, cloud, and OT domains, including Microsoft, Palo Alto Networks, Fortinet, Cisco, CrowdStrike, SentinelOne, Splunk, IBM, Tenable, Rapid7, Zscaler, Okta, CyberArk, Proofpoint, Trellix, Claroty, and Nozomi Networks.
• Develop joint value propositions and co-selling opportunities with hyperscalers (AWS, Azure, Google Cloud, Oracle) on cloud security, data protection, and sovereign cloud offerings relevant to KSA, UAE, and other regulated markets.
• Build and manage relationships with specialist MENA players and emerging technology providers to extend ZainTECH's capability in niche areas such as deception, attack surface management, DRP, and AI security.
• Ensure partner tiering, certification coverage, MDF utilisation, and rebate capture are actively managed to maximise economic contribution from the alliance portfolio.

Delivery & Engagement Oversight

• Provide executive oversight on the delivery of strategic, turnkey cybersecurity programs, including SOC design and build, SIEM and SOAR implementations, zero trust architectures, identity modernisation, data protection and DLP, cloud security posture management, and OT and IoT security.
• Oversee the run and operate performance of ZainTECH's SOC, including SLA adherence, detection engineering maturity, MTTD and MTTR targets, use case coverage, threat intelligence integration, and continuous service improvement.
• Lead AI-enabled cybersecurity transformation initiatives, spanning:
• Autonomous SOC capabilities using AI and GenAI copilots for triage, investigation, and response
• LLM-powered threat intelligence synthesis, correlation, and briefing generation
• AI-driven fraud detection, insider threat analytics, and user behaviour analytics (UEBA)
• Automated compliance evidence collection, control testing, and audit readiness
• GenAI-assisted security engineering for detection content, playbook creation, and policy development
• AI-enabled phishing defence, deepfake detection, and social engineering resilience

• Serve as the engagement partner for flagship client programs, providing strategic guidance on complex initiatives including regulatory-driven transformations (SAMA CSF, NCA ECC, NCA CCC, NESA IAS, PDPL, GDPR, ISO 27001, PCI DSS, NIST CSF, SWIFT CSP) and sovereign cloud migrations.
• Manage and mitigate risks associated with complex program delivery, particularly in mission-critical environments, while ensuring responsible AI governance, data protection, and ethical handling of sensitive client information.

Practice & People Leadership

• Build and lead a high-performing team of security advisors, architects, engineers, SOC analysts, incident responders, forensics specialists, and GRC consultants with deep domain and regulatory expertise across MENA.
• Mentor and develop practice members, providing career guidance and growth opportunities across defined job families including Principal Consultant, Security Architect, SOC Lead, Threat Hunter, Incident Response Lead, and GRC Consultant.
• Contribute to the overall leadership and strategic direction of ZainTECH as a key member of the Executive Leadership Team, working across the broader services portfolio to deliver integrated client outcomes.
• Champion responsible security culture, continuous learning, and certification progression (OSCP, CISSP, CISM, CCSP, SANS GIAC, Azure and AWS security certifications, vendor specialisations) across the practice.

Requirements:
• 15+ years of experience in a senior leadership role within a top-tier consulting firm, cybersecurity services company, system integrator, or enterprise CISO function, with significant focus on the MENA region.
• An entrepreneurial spirit and a passion for driving innovation and growth in the rapidly evolving cybersecurity landscape.
• Deep expertise across cybersecurity domains, including:
• Security Operations, SIEM, SOAR, XDR, threat intelligence, and threat hunting
• Zero trust architecture, network security, and secure access service edge (SASE)
• Identity and access management, privileged access management, and identity governance
• Cloud security across AWS, Azure, GCP, and Oracle, including CSPM, CWPP, and CNAPP
• Application security, DevSecOps, and software supply chain security
• Data protection, DLP, encryption, and privacy engineering
• OT and IoT cybersecurity for energy, utilities, manufacturing, and smart infrastructure
• Governance, risk, and compliance aligned to MENA regulatory frameworks
• AI security, securing AI workloads, and GenAI applications in cyber defence

• Proven track record of building and scaling a cybersecurity practice with full P&L responsibility, consistently achieving and exceeding revenue targets, ideally combining advisory, professional services, and managed services lines.
• Demonstrated experience in applying advanced analytics, automation, and AI to solve cybersecurity challenges including:
• SOC efficiency and analyst productivity (target