Job Description

Key Responsibilities:

Supporting all new & existing information security and data privacy program activities across the Group. She/He will also lead the team to align with business stakeholders on possible ways to meet security challenges and promote security awareness & security culture across the organization. Creating the culture of business security champions to develop awareness across the organization. She/he ensures early involvement of security in business projects to avoid unnecessary rework or delays. Tracking of regional regulatory frameworks and data privacy standards, which the Group must adhere to. Such as UAE NESA, GDPR, PDPSA TRM, SAMA CSF, RBI Guidelines, PCI DSS, SWIFT etc. Translating regulatory requirements (such as GDPR, PDPA, etc) into business outcomes required for the data security and privacy programs. Assess, track, drive and maintain regulatory compliance across the Group (local & international). Partner with cross-functional core stakeholders within both security engineering, Group IT, business, risk & audit to influence regulatory direction and facilitate key decision points for inclusions within business requirements Communicate impact of not including regulatory requirements to stakeholders both at the technical level (group IT) and at the end user level (business) Represent Group Information Security at project board meetings and present security's regulatory viewpoint on gaps and all possible options to close them Act as an advisor to Group IT & business stakeholders by ensuring effective decision-making using facts, regulatory knowledge & laws and providing options for possible solutions to challenges Prepare & conduct EXCO & Senior Management meetings for the overall cybersecurity posture

Knowledge Areas:

Deep experience in alignment of business and IT requirements including translation of business requirements into security requirements (vice versa). Deep experience in communication and alignment with security teams and implementation teams. Deep expertise on current regulatory agenda and corresponding assessment methodologies. Deep general banking, business acumen and business area knowledge is necessary to identify the right solutions for business and to steer the implementation teams into the right direction as well as making sure that a proper relationship to the business side is established. Regulatory compliance management/frameworks, information security/cyber/technology controls understanding, Data Privacy Strong technical background covering heterogeneous technologies and multiple security domains Well-grounded in Data privacy regulations and concepts and the implementation of such in a banking environment. Deep knowledge of security frameworks and how to embed them into business requirements Knowledge required of security controls, typical pitfalls and required measures for security compliance. Deep experience of the current new and emerging technologies backbone and available technologies within the security space. Deep knowledge of data security and privacy tools used in implementation including latest market trends and their possible application to the bank Collaborative leadership style that involves a mix of resource & project planning along with delegation, decision making & conflict resolution (Management) Analytical Thinking ability that thinks 3-4 steps ahead, can plan for contingencies and is forward thinking (Thinking Related) Has the ability to make decisions based on factual data, situational awareness & business impacts (Thinking/Self Related) Collaborative leadership style that involves managing downward, coaching employees, and building lasting relationships with business and technical stakeholders (People Related) Is transparent, accepts responsibility and takes accountability; accepts mistakes and learns from them (Self Related) Cascades leadership culture to his teammates and across information security domains (Self Related) Team Player who believes in working together; listen to other's ideas; communicate accurately & concisely (People Related) Strong Customer Focus: Consistently doing what is in the best interest of the customer. Leaving a positive impression on the customer by elevating their experience; making it simpler and educating to helping them understand (People Related) Possesses high emotional intelligence to be able to manage self when dealing with stakeholders & teammates (Self Related) Empathizes with teammates and stakeholders alike and understands on-the-ground reality situations (Self Related)

Work/Educational Experience:

8+ years' experience in the Information Security & Data privacy domain of which at least 3 years in the financial industry University degree or equivalent work experience required. Master's Degree in Business Management or equivalent desired. Responsibilities: Eligibilities: