Chief Information Security Officer (CISO)

The Chief Information Security Officer (CISO) for the UAE and Middle East & Pakistan Cluster is a critical leadership role focused on implementing and embedding the Information and Cyber Security (ICS) Risk Type Framework (RTF) across various countries within the cluster. This position demands a strategic and hands-on approach to enhance ICS risk management capabilities, ensuring consistent identification, assessment, and mitigation of security risks aligned with compliance and legal requirements, while minimizing client impact.

Key Responsibilities:

• Lead the rollout and embedding of the ICS Risk Type Framework across all countries within the Middle East & Pakistan Cluster.
• Develop and maintain a comprehensive understanding of the digital footprint across the cluster to inform risk assessments and security control strategies.
• Coordinate with cross-functional teams including technology, operations, and risk management to drive consistent ICS risk identification, assessment, and mitigation practices.
• Manage the execution of Threat Scenario-based risk assessments to capture evolving threats pertinent to the regional digital environment.
• Collaborate to advance cybersecurity strategies related to Artificial Intelligence and Digital Assets.
• Engage proactively with local regulators, audit teams, and external stakeholders to demonstrate the bank’s risk management capabilities.
• Maintain effective communication and deliver regular reporting to senior leadership on ICS risk posture and remediation progress.

Leadership and Stakeholder Engagement: The CISO will serve as an inspirational leader, fostering a robust cybersecurity culture and effectively managing relationships with senior executives, technology leaders, and regional partners.

Risk Management and Compliance: Oversee comprehensive ICS risk management, leveraging qualitative and quantitative data to validate controls and accelerate risk assessment cycles.

Innovation and Strategic Initiatives: This role plays a pivotal part in driving innovative cybersecurity measures aligned with the bank’s strategic priorities around Artificial Intelligence and Digital Asset security.

Qualifications:

• A degree in Engineering, Computer Science, Information Technology, or a related discipline is ideal. Equivalent professional experience may be considered.
• A minimum of 15 years of experience in Cybersecurity, preferably within the financial services industry.
• Deep expertise in ICS products, cybersecurity operations, and risk management frameworks is critical.

Skills and Experience:

• Comprehensive understanding of the Cybersecurity landscape and application of ICS controls specific to financial institutions.
• Proven organizational and leadership abilities to manage multiple priorities efficiently.
• Significant experience in change and programme management.
• Exceptional stakeholder engagement skills.

Additional Information: This role includes leadership duties and significant interaction with senior leaders and regulatory authorities. Travel within the cluster and to global sites may occasionally be required.

Language Requirements: Fluency in English is expected; additional language skills may be beneficial.