Job Purpose
Responsible for leading the Security & Access Management section within the Digital Operations department at SOPC. This role focuses on the operational integrity of SOPC's digital assets by designing and enforcing robust Identity and Access Management (IAM) frameworks. The Manager will oversee the user access lifecycle, ensure strictly controlled privileged access, and manage day-to-day security operations to mitigate risks, ensuring that the right people have the right access to the right resources at the right time. This role directly supports SOPC's Digital Strategy by embedding security, compliance, and automation into all digital operations, enabling seamless and secure experiences for athletes, staff, and federations.
Job Specific Accountabilities
Identity & Access Management (IAM)
• Lifecycle Management: Oversee the end-to-end user lifecycle (Joiners, Movers, and Leavers), ensuring timely provisioning and, crucially, immediate de-provisioning of access rights to prevent unauthorized entry.
• Privileged Access Management (PAM): Strictly manage and monitor privileged accounts (administrative access), ensuring they are vault-protected and used only for authorized tasks.
• Access Governance: Process and approve user access requests in line with the "Principle of Least Privilege," ensuring users only hold permissions necessary for their specific roles.
Security Operations & Hardening
• Endpoint & System Security: Oversee the deployment and management of operational security tools (e.g., Antivirus, Endpoint Detection and Response) across SOPC devices.
• Vulnerability Management: Collaborate with the Digital Solutions team to identify system vulnerabilities and ensure that critical security patches and updates are applied promptly.
• Configuration Management: Define and enforce secure configuration baselines for operating systems and applications to reduce the attack surface.
Security Monitoring & Incident Response
• Log Analysis: Monitor system access logs and security alerts to identify abnormal behavior, unauthorized access attempts, or potential policy violations.
• Incident Handling: Lead the immediate response to operational security incidents (e.g.,account compromises, malware detection), aiming to minimize disruption and restore normal operations quickly.
Risk Management & Compliance
• Access Reviews: Conduct periodic user access recertification campaigns to validate that current access rights are still valid and compliant with SOPC policies.
• Audit Support: Act as the primary focal point for internal and external audits regarding access controls, providing evidence and remediating any non-conformities found.
Stakeholder Collaboration
• Cross-Functional Alignment: Collaborate with HR to automate onboarding/offboarding triggers and with Application Owners to define accurate access roles.
• Security Awareness: Communicate changes in security procedures to SOPC staff and promote a culture of cyber-hygiene regarding passwords and access credentials.
Our Commitment
At Team Saudi, we care deeply about creating a safe, supportive, and empowering environment for our athletes and employees. We welcome applicants who demonstrate integrity, professionalism, and a commitment to maintaining a safe and respectful workplace where everyone is protected, valued, and given fair opportunities to thrive.
