Cyber & Information Risk Manager

Accountabilities & Key Roles :

• Communicate Cyber & Information risk strategy, policies and frameworks to all functions and ensuring adherence to them.
• Develop relevant compliance measures and associated monitoring techniques and processes/tools to assess the compliance with established policies to minimize losses for the Bank/Group.
• Contributing to Bank/Group management reporting on risk exposure related to cyber risk posture.
• Focal point of all Central Bank’s requirements and associated compliance measure per IT asset group, business unit and country.
• Maintain and update Cyber & Information Security Policy and coordinate the efforts with all stakeholders in the organization for proper implementation.
• Assess existing information technology processes and coordinate an assessment of implemented technologies controls to measure compliance and recommend necessary security requirements.
• Analyze relevant global threats to AB Group stakeholders.
• Disseminate Cyber & Information risk documents across the organization and ensure proper understanding of all stakeholders.
• Contribute to the development technology technical standards.
• Liaise with the Information Technology Department to implement the required technical controls, RFP preparations, vendor selection and follow-up projects implementation/progress, and provide security consultancy where needed.
• Communicate information assets classification standards and associated handling processes to all stakeholders to ensure compliance across the organization.
• Coordinate an information security risk assessments by All Country Risk Managers within their region.
• Update and promote Cyber & information security training and awareness programs to staff & customers.
• Define necessary techniques/processes/tools to monitor and ensure comprehensive assessment and remedy to the following: 1. Unauthorized access to the bank assets 2. Non-compliance with the security policy and controls 3. Penetration testing to assess risks and identify vulnerabilities 4. Internal/External vulnerability assessment on IT assets.

Job Requirements:

Education:

• Graduated degree in Information Technology, or information systems or any related field from a recognized University.
• Recognized relevant professional certification preferred (CISSP, CISM).

Experience:

• Minimum 7 years of IT Risk experience in a leading regional or international Organization.

Competencies:

• Fluent in English & Arabic.
• Excellent analytical skill.
• Good understanding of regulatory requirements.
• Good computing & modeling skills.
• Ability to read, summarize and present.
• Excellent understanding information security standards (ISO 27001), CobIT, PCI, NIST-CSF.
• Good knowledge in developing information security policies and standards, risk assessment process, vulnerability assessment tools, and information security technologies.
• Excellent project management skills.
• Excellent interpersonal, communication, and presentation skills.

للتقدم على الوظيفة