Location (Remote). Application take under 5 mins to complete
Al Rayan Bank is a growing, ethical and incredibly diverse bank based in new offices in the leafy suburb of Edgbaston, a stone's throw away from central Birmingham. As part of the Masraf Al Rayan Group which is the 2nd largest bank in Qatar, we've got exciting growth plans and aim to deliver a professional, first class service to our customers.
We are on the lookout for an Information & Cyber Security Manager
The Information & Cyber Security Manager lead and drive information risk and cyber security to support the Bank's risk appetite and develop and implement the overall security strategy of the Bank.Key Responsibilities & Tasks
- Develop and implement IT risk and information security strategy, policies, shared security services and action plans.
- To develop, embed and mature a security architecture framework to support the Bank's ongoing digital transformation.
- Partner and work with Risk as the 2nd Line of Defence for appropriate oversight.
- Support the Bank's overall regulatory commitments, providing appropriate operational security information, KPI/KRI and reporting.
- Lead the development, implementation, and successful execution of information security and cyber operations.
- Lead, manage, develop, and motivate people in line with the Al Rayan Bank Management Charter to ensure they know what is expected of them, maximise their performance and develop their potential.
- Identify and analyse risks, recommend appropriate mitigations, and document all components in clear, business intelligible language.
- Support the Bank's governance framework by participating in subsequent committee meetings.
- Serve as a SME to senior management and the executive in the management, implementation and maintenance of cyber risk and security.
- Maintain a strong understanding of emerging technology, risks and industry trends and assess the impact on the business environment, recommending appropriate mitigation actions where necessary.
- Oversee the execution of information security projects and promote a culture of information security to continually raise awareness.
- Prepare and contribute to technical documentation such as security project requirements, solution design documents and support baseline configuration standards.
- Support the bank's adoption of Payment Card Industry Data Security Standard (PCI DSS), SWIFT compliance and alignment to an Information Security Standard such a ISO 27001/NIST and ensure effective implementation and monitoring of controls.
- Ensure compliance with internal policies and procedures.
- As a member of the Bank's Operational Risk & Compliance Committee, timely submission of KPI reporting, highlighting issues/concerns requiring immediate attention and remediation.
- Governance and management of 3rd party suppliers by performing supplier reviews and periodic due diligence, liaising with the business owners for remediation of any issues.
- Lead, manage, develop and motivate people in line with the Al Rayan Bank Management Charter to ensure they know what is expected of them, maximise their performance and develop their potential.
- Deliver one off activities and projects to the outcomes and standards agreed with line manager.
- Significant experience of leading, developing and implementing risk and information security strategy, policies, shared security services and action plans.
- Full understanding and experience of Payment Card Industry Data Security Standard (PCI DSS), SWIFT and Information Security Standards such as ISO 27001/NIST controls.
- Proven track record or leading, motivating and developing people/teams.
- Strong technical understanding of Unix/Linux and Microsoft environments
- Good understanding of the IT architecture and functional landscape of the IT environment, along with comprehensive knowledge to overarch with the KPIs for information security monitoring.
- Experience overseeing and managing third party relationships and proven track record of working with penetration testing partners, organizing pen-tests, and defining remediation SLAs.
- Maintain positive attitude and enthusiasm in challenging situations; motivate and partner with the business units to meet information security objectives.
- Ability and willingness to adopt a flexible approach to demands and challenges.
- Strong organisational and personal effectiveness skills, including time and project management.
- Excellent oral and written communication, facilitation skills and ability to present confidently and to engage, influence and manage stakeholders, developing effective relationships at all levels effectively.
This is a fantastic opportunity to join our growing bank where we can offer exceptional opportunities for you to make your mark and progress your career in a diverse, ethical bank that you can actually believe in.
Empowering your career, together we'll deliver banking you can believe in.