Home
Jobs
aramco
Internal Security Investigator- Relocate to Saudi Arabia, Permanent Expat Family Relocation Package

Internal Security Investigator- Relocate to Saudi Arabia, Permanent Expat Family Relocation Package

Hybrid

England, United Kingdom

Full Time

24-02-2025

Share this job:

Score my CV

Job Specifications

Please note that this role is based in Saudi Arabia on a permanent, residential basis.
Job Req ID: 15891

Description:
Aramco energizes the world economy.
Aramco occupies a unique position in the global energy industry. We are the world's largest producer of hydrocarbons (oil and gas), with the lowest upstream carbon intensity of any major producer.

With our significant investment in technology and infrastructure, we strive to maximize the value of the energy we produce for the world along with a commitment to enhance Aramco’s value to society.

Headquartered in the Kingdom of Saudi Arabia, and with offices around the world, we combine market discipline with a generations’ spanning view of the future, born of our nine decades experience as responsible stewards of the Kingdom’s vast hydrocarbon resources. This responsibility has driven us to deliver significant societal and economic benefits to not just the Kingdom, but also to a vast number of communities, economies, and countries that rely on the vital and reliable energy that we supply.

We are one of the most profitable companies in the world, as well as amongst the top five global companies by market capitalization.

Overview
We are seeking an Internal Security Investigator to join our Corporate Security Department (CSD).
Corporate Security Department provides highly specialized professional, investigative and consulting services to Saudi Aramco’s Corporate and Executive Management, in order to safeguard the Company and its communities.

Your primary role is to conduct Company based investigations, in respect of serious and complex issues, including, but not limited to fraud, business ethics, abuse of authority, conflict of interest, misuse of resources, harassment, crimes against the person, anti-social behavior, unsafe acts, cybersecurity and data leakage.

Key Responsibilities
As the successful candidate, you will be required to perform the following:
Conduct and lead highly complex and sensitive misconduct investigations, in accordance with legal norms, with specific reference to and compliance with Saudi Labor Law and relevant Company Policies and Procedures.
Initiate, administer and plan investigations, and present the case findings to internal control organizations.
Provide regular briefings supported by detailed, evidential reports and information to Corporate and Executive Management, in addition to line management.
Perform interviews to identify and develop facts to resolve investigative issues, and expediently prepare high quality, well-structured and evidential professional reports of investigation.
Prevent and detect misconduct or similar offending, and is engaged in providing misconduct and cybersecurity awareness programs throughout the Company.
Identify cost savings, reimbursements and recoveries in favor of Saudi Aramco arising from investigative findings, and recommend relevant business change practices and lessons learned to mitigate and negate current and future risks.
Conduct detailed research (from open and closed sources) and crime risk pattern analysis, to identify trends, hot spots, actual or potential corporate threats, and vulnerabilities.
Maintain and organize investigation case files to a high quality and auditable standard in compliance with data protection norms.
Liaise with Company stakeholders and external parties as required, in progressing and reviewing investigative outcomes and risk mitigation strategies.
Coach and develop junior investigators and keep abreast of investigative techniques and legal norms.

Minimum Requirements
As the successful candidate, you will hold a Bachelor’s degree in Criminal Justice from a recognized and approved program.
You will have 9 years’ experience in investigations within a law enforcement or other relevant investigative field and proven ability in conducting complex cases of investigation, in respect of fraud, business ethics, abuse of authority, conflict of interest, misuse of resources, harassment, crimes against the person, anti-social behavior, unsafe acts, cybersecurity and data leakage etc.
You will be able to demonstrate excellent organizational, analytical and evidential skills, when conducting investigations and presenting relevant findings.
You must have excellent report writing skills and the ability to structure and summarize case findings in a concise, logical and articulate manner in compliance with legal norms.
You will possess a recognized professional certification, in related disciplines, such as a Certified Fraud Examiner (CFE), Professional Certified Investigator (PCI), Certified Internal Auditor (CIA), International Compliance Association (ICA) or equivalent.
Arabic language skills are highly desirable, but not essential.

Working environment
Our high-performing employees are drawn by the challenging and rewarding professional, technical and industrial opportunities we offer, and are remunerated accordingly.
At Aramco, our people work on truly world-scale projects, supported by investment in capital and technology that is second to none. And because, as a global energy company, we are faced with addressing some of the world’s biggest technical, logistical and environmental challenges, we invest heavily in talent development.

We have a proud history of educating and training our workforce over many decades. Employees at all levels are encouraged to improve their sector-specific knowledge and competencies through our workforce development programs – one of the largest in the world.

About the Company

We’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemicals companies. And we are part of the global effort toward building a low carbon economy. Our horizon has never been clearer. Know more

Related Jobs

Company Name: s1jobs
Job Title: Cyber Security Consultant - Risk
Job Description: This is an exciting opportunity to join our world class Consultancy arm, as a Cyber Security Risk Consultant, supporting the next phase of Cyberfort's growth. You'll be joining a culture of knowledge sharing and continuous learning with expert peers in Secure Architecture and Risk planning. We work across a number of sectors with a diverse client base. We aim to create an environment where everyone can reach their full potential. We work together, we are passionate, creative, and we embrace difference. In this role you'll work within our Consulting team, supporting new and existing clients across various sectors to define and implement security risk assessment and best practice solutions that match their requirements. You'll work in close partnership with clients to ensure the delivery of expert services by complementing their inhouse Information and Cyber Security resources combining expertise in information security, solution architecture and business advice. As a Security Consultant, you will be responsible for the identification of risks relating to Security Architecture, maintaining an awareness of published vulnerabilities and best practices across various platforms, especially cloud infrastructures. Working across the business and multiple technology platforms, you will play a key role in ensuring our clients make the best use of their existing technology and make proportionate, risk-informed decisions, ensuring protection of client assets and transformation of their security architecture. This role forms part of the wider Consultancy team and will work cross functionally with the Delivery Manager and others to support and assure project delivery through all phases of the agile workflow. As a team we're always looking to raise the bar, learn new things and incorporate new technologies and you will too! You'll share your knowledge with the team and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements. Responsibilities General Responsibilities: Have an excellent understanding of risk management and assessment principles and frameworks, such as ISO27005 and the NIST Cyber Security Framework Have achieved or be working towards membership of CIISEC and UK Cyber Security Council professional registration at either Chartered or Principal. Work with multi-disciplinary teams, helping to ensure that products are delivered in a secure manner that is aligned with the wider business risk appetite. produce informative and succinct reporting that clearly articulates any identified vulnerabilities, associated risks, controls and risk treatment activity. Facilitate workshops with the various Authority departments, to align with wider HMG transformational Security and risk management outcomes. provide accurate and pragmatic remediation/risk management guidance/advice. Have an understanding of risk assessment in and agile delivery environment Be skilled in workshop facilitation particularly with respect to risk identification and assessment. Exceptional team working ethic and interpersonal skills Good level of knowledge of the cyber security industry Have a good understanding of modern IT technologies and services, such as Cloud Computing, Mobile Computing, IT Security, Infrastructure technologies, Zero Trust and demonstrate an understanding of security architecture As a team we're always looking to raise the bar, learn new things and incorporate new technologies and you will too! You'll share your knowledge with the team, our clients and the wider Cyberfort community, contributing to Group blogs and undertaking research related to technology enhancements. To Be Great At The Role Customer focused and a strong verbal and written communicator. Possess strong hands on experience in reviewing project delivery plans relating to security systems evaluation of network and security technologies developing requirements for network and cloud security designs as well as hardware & software. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Possess awareness and understanding of HMG and NCSC Security policies, standards and guidance. Passionate in cyber security. Able to deliver training to end users. Motivated, self-directed and able to work in large and virtual teams. The Cyberfort Group is a community of 160+ passionate people united by one overall mission... to make the world safer, one business at a time. We are the "one-stop shop" for all things cyber and are working to build a centre of excellence for our customers by building an amazing place to work, learn and develop for our people. We work with a diverse range of clients, including large Governmental departments as well as other public sector organisations and businesses within the private sector. We're growing our business and our team through our continuous investment in developing technology and cyber capability; we aim to deliver innovation to our customers as fast as possible. Whether it's AI-driven ML-based threat intelligence or rapid start hybrid Cloud; our goal is to implement solutions that make us stand out in the market. If that sounds like you, we'd like to see...... Your CV Find your place at the Cyberfort Group - Our vision is to bring together technology, people, expertise, facilities and leaders in Cybersecurity to create capability that is second to none. We aim to create a workplace that leverages the expertise of people from a diverse range of backgrounds that are to be themselves, are celebrated for thinking differently and work together as one team. We know that a one size fits all approach to our recruitment and selection practices will not allow us to reach some of the incredible people that are out there and it's common practice for us to make adjustments. When you apply to work for us please let us know if there's anything we can do to allow you to showcase your skills and talents to the best of your ability.

Glasgow, United Kingdom

On site

Full Time

04-03-2025

Company Name: Freshfields
Job Title: Information Security Auditor
Job Description: Join Freshfields' Information Security Group (ISG) as an Information Security Auditor and play a key role in strengthening our information and cyber security operations during a period of significant technological change. Key Responsibilities: Perform security assessments for 150+ new and current suppliers annually. Audit ISO controls across the firm’s core operations Regularly update policies, processes, and risk mitigation measures Ensure compliance with security standards like ISO27001 and NIST Assess and address third-party security risks, providing recommendations for improvements Who We're Looking For: IT/Information Security Auditing experience, ideally in third-party risk management Strong knowledge of ISO 27001, with relevant auditing qualifications (Lead/Internal Auditor, etc.) Proven ability to collaborate across teams, influencing stakeholders and translating complex technical requirements Motivated, proactive, and eager to learn and grow in the security space Desirable Skills: Certifications like CISM, CISSP, CISA. Knowledge of Cloud services (SaaS, PaaS, IaaS). Familiarity with global cyber security and privacy laws. If you’re detail-oriented, organized, and excited to be a part of a forward-thinking team, apply now to make an impact! Inclusion Freshfields is an equal opportunities employer and all applications received by the firm will be considered by the firm on the basis of their merit alone and we welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing. Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case by case basis and take a number of factors into account (eg the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.

Manchester, United Kingdom

On site

Full Time

04-03-2025

Company Name: GSMA
Job Title: Industry Security Programme Director
Job Description: Department: Technology Team: Security & Fraud Location: London Position type: Permanent What The Hiring Manager Says “Security is an essential component of the mobile industry whether within the development of specifications or in supporting programmes and events at the GSMA. This role will be pivotal in directing the strategy of key Industry security programmes. It will specifically focus on supporting the industry to provide value in the positioning of fraud and cybersecurity matters for the industry. The role holder will be responsible for aligning GSMA work regionally and seeking to influence senior security leaders and other eco-system partners to lift the profile of industry security.” Sam Kight, Head of Industry Security About The Team The GSMA Industry Security team is continually enhancing the support offered to its membership as the threats targeting the mobile ecosystem emerge. Our vision is to provide value for our membership in three main areas: Industry collaboration by convening membership to define industry specifications, facilitating intelligence sharing, promoting baseline controls, conducting external collaboration to ensure industry alignment. Providing expertise through subject matter experts by supporting solution and service offering development to internal and external stakeholders, as well as promoting industry Fraud and Security awareness. Defining the future by looking forward by assessing, analysing and reporting on the industry threat landscape. This is also done through engagement with standards bodies and reviewing new technologies to ensure adequate protection by design About The Role The Industry Security Programme Director is responsible for four main areas; Office of the CISO, T-ISAC, GSMA Security events and the development of new Global security initiatives. It requires alignment of security and fraud across the team, and requires engagement wider industry. The successful candidate will research security trends (threat landscape and emerging technologies), ensuring the strategy and priorities of the industry are reflected in internal/external platforms globally as well as programmes are being delivered and managed to a high quality. Specific Responsibilities Will Include Office of the CISO – Delivering Roundtables with senior stakeholders including agenda development, researching and identifying potential topics in existing/emerging technologies Support the T-ISAC to deliver a strategy that will successfully grow and develop the global programme Represent GSMA at industry leading events across a variety of regions. Working across several teams to support the development of presentations and ensuring alignment on GSMA content at these events Support the initiation of new programmes, identifying business and industry needs in the area of mobile fraud and security and translating these into the right area within GSMA’s Security team Keeping aligned the regional and local activities with the Fraud and Security Group, Regional Interest Groups and events to support a single voice for the ecosystem Advocacy of GSMA positions to external stakeholders Maintain GSMA process and procedural documents, to ensure transparency and compliance with GSMA policies About You Have previous experience cybersecurity function within a Mobile Network Operator or equipment supplier Have previous experience having managed a successful team Have previous experience in reporting to and influencing board /c-level management Have previous experience in setting strategies and delivering on agreed timescales Have knowledge of the mobile security threats faced and technologies used (legacy, current and future), and enjoy the respect of industry security professionals Have effective research, organisation and project management skills with key attention to detail and delivery of documentation Have a strong sense of business ethics and principles Be able to effectively work with others to make up for gaps in your experience or knowledge Display cultural understanding and sensitivity, recognising that GSMA is a global organisation with members from many countries and cultures Ideally speak a second language (Spanish or French desirable not essential) Be willing to do some global travel as required Contract type Regular Worker type Employee What We Offer Working at the GSMA offers you unparalleled access to the mobile industry. We offer a chance to truly shape the direction of mobile, whatever your role. By joining the GSMA, you will be exposed to a fast-paced rapidly evolving environment, working on global solutions, genuinely fascinating and industry-changing projects and a stimulating and dynamic environment designed to enable you to flourish. In addition to architect-designed offices and competitive compensation, our benefits include fantastic learning & development opportunities, generous holiday allowances, four additional days off for professional development and many others. To learn more about the GSMA, visit our career site, our LinkedIn page and our Twitter page. Being You at the GSMA We care deeply about diversity, equity and inclusivity and aspire to be the best at it. Your well-being and work/life balance is important, so flexi-time and remote working is available to all staff. We're keen to ensure everyone is equal, represented and connected so we particularly encourage applications from all demographics. The sucess of the GSMA year on year will continue to be contributed by people from all walks of life. GSMA Values Our values not only drive our culture – they shape how we work and interact inside and outside our global organisation. Passionately driven We approach everything we do with unparalleled capability, tenacity and commitment, knowing that the challenging scale, pace and complexity of our work is what leads to its world-changing impact. Insightful leaders We continually develop and engage our expertise, insight and creativity so that we’re always ready to respond to the changing landscape with authority, agility and nuance. Stronger together We lean on each other so the industry can lean on us, embracing our diversity by actively seeking out perspectives and skill sets beyond our own, fuelling each other’s successes and constantly asking how we can help. Underpinning our values is our collective mindset to show up purposefully as good human beings every day, in every situation. When we’re at our best – we are collaborative, considerate and compassionate to others, and we create a safe space for one another to thrive, assuming positive intent in our colleagues. And if we aren’t at our best and the pressure is on – we feel free to be ourselves but still remain curious, lean into the tough stuff and we are always respectful to others and accountable for the part we play.

London, United Kingdom

On site

Full Time

27-02-2025

Company Name: Amazon Web Services (AWS)
Job Title: Security Engineer II, Industry Products - Fixed
Job Description: Description As part of the AWS Solutions organization, we have a vision to provide business applications, leveraging Amazon’s unique experience and expertise, that are used by millions of companies worldwide to manage day-to-day operations. We will accomplish this by accelerating our customers’ businesses through delivery of intuitive and differentiated technology solutions that solve enduring business challenges. We blend vision with curiosity and Amazon’s real-world experience to build opinionated, turnkey solutions. Where customers prefer to buy over build, we become their trusted partner with solutions that are no-brainers to buy and easy to use. Help us protect not only the Amazon Web Services (AWS) cloud computing environment but all of our customers as well! Since 2006, our great team at AWS has been enabling our customers to bring great ideas to life in ways that aren’t possible in traditional IT environments. With AWS you can flexibly harness compute, storage, security, and other services from across the globe as your business demands them. AWS Security is on the cutting edge of security for a wide variety of platforms and technologies including cloud services, Internet of things (IoT), identity and access management, mobile devices, virtualization, and custom hardware, all operating at massive scale. Similarly, our highly collaborative team is committed to each team member’s growth as our business grows. AWS Security is looking for a Security Engineer to design security controls and help validate that our services, applications, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, articulating the security posture of a service, and decisively taking action to mitigate emerging threats throughout a full secure development life-cycle (SDLC). This role will provide career growth opportunities as you gain new security skills in the course of your work. Security engineers at AWS have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale. Security engineers at all levels have the opportunity to learn from and be mentored by those who are building and securing our cutting-edge services. A security engineer is also expected to be a mentor for others and be a trusted security advisor within the organization. A security engineer at Amazon is expected to have technical expertise in multiple domains and provide significant contributions to the AWS Security team and to multiple groups throughout Amazon. Security engineers are expected to develop elegant solutions to complex security risk problems and apply appropriate technologies while following security engineering best practices. A security engineer should demonstrate strong Amazon leadership principles. This role requires the ability to foster constructive dialogue and seek resolution when confronted with differing viewpoints on security risks. Engineers in this role are expected to participate fully in the planning of the AWS Security team's work and constantly seek opportunities for process improvement. You will need a combination of troubleshooting, technical, and communication skills. An AWS Security engineer must have the ability to take ownership and deliver on multiple complex objectives which may include project and software development work. Key job responsibilities Your responsibilities will include: - Security reviews for new products, technologies, and services Secure design, architecture, and implementation Secure development life-cycle (SDLC) practices including threat modeling and security testing Influence decision-makers and stakeholders to achieve a consistently high security bar Conduct network and/or application penetration testing Create security guidance and documentation Develop security tools and automation Develop and deliver security training and outreach to internal development teams Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership Support for mentoring, team building and recruiting activities Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives. About The Team Why AWS Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Diverse Experiences Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud. Inclusive Team Culture Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness. Mentorship and Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Basic Qualifications Bachelor's degree in computer science or equivalent Knowledge of networking protocols such as HTTP, DNS and TCP/IP Experience programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language Preferred Qualifications Experience with any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security Experience with programming languages such as Python, Java, C++ Experience applying threat modeling or other risk identification ...

London, United Kingdom

On site

Full Time

04-03-2025