Head Enterprise Security and Compliance

• Ability to demonstrate leadership and influence the direction of the Bank towards secure technological arrangements, especially, in the space of Cloud and API security.
• Keep abreast of regulatory developments locally and internationally as well as evolving best practices
• Track Bank's compliance across multiple security frameworks including ISO, SWIFT CSF, SOC2, NIST, CIS and maintain up-to-date records of requirements and corresponding mitigating controls.
• Work closely with key stakeholders to understand the business requirement for projects, develop effective working relationships during project implementation, discuss security measures, and explain secure system design requirements.
• Conduct risk assessments and security tests and design countermeasures to eliminate as many potential risks as possible.
• Identify possible security threats and recommend the best security measures.
• Review the work of colleagues when necessary to identify regulatory compliance issues and provide advice or training.
• Remain up-to-date with the latest security systems, tools, trends, and technology. Suggest improvements to existing security systems.
• Develop key performance metrics to track and ensure compliance with established policies and standards.
• Should be able to prioritize and deliver multiple projects while ensuring comprehensive documentation.

• Masters in Computer Science or Information Security or MIS
• At least one of the following professional training or certification:
• CISA
• CISM
• CISSP
• CRISC
• ISO27001

• Minimum 10 years of experience in IT or Information Security

HBL