Senior Manager, Security Operations & Incident Management

Description

Operating in the UAE for over 50 years, CBD manages the financial requirements of some of the largest corporates and businesses operating in the country, driving the UAE economy. Over the years, CBD has transformed into a progressive and modern banking institution winning multiple awards for its digital initiatives, credit cards, bank accounts, mobile app features and services.

CBD has been recognized as the number one bank in the UAE on the Forbes list of The World’s Best Banks 2022.

As we continue to build upon our successes, we are looking for ambitious individuals who are passionate about the banking and finance industry and the markets in which CBD operates. Just as important to us is your ability to demonstrate a talent for dealing with people - your colleagues and our customers - and delivering service that really goes the extra mile. 

Job Purpose 

Lead CBD's security operations and manage incident response efforts. This role is critical in supporting the CISO office and ensuring the security and resilience of our IT infrastructure and protecting our bank's data and systems from cyber threats.

Principle Accountabilities

• Oversee the daily operations of the Security Operations Center (SOC) working across 1LoD & 2LoD security teams.
• Develop and implement security monitoring and incident detection strategies.
• Ensure the effective use of security tools and technologies to protect the bank's assets.
• Monitor security alerts and manage the response to potential security incidents.
• Support the CISO office Conduct regular security assessments and audits to identify vulnerabilities.
• Own the incident response plan to address security breaches and incidents.
• Lead the incident response team in investigating and resolving security incidents. (24/7 rota with leadership team)
• Coordinate with internal and external stakeholders during incident response activities.
• Conduct post-incident reviews and implement lessons learned to improve security measures.
• Ensure timely and accurate reporting of security incidents to relevant authorities and stakeholders.
• Develop and maintain a threat intelligence program to identify and analyze emerging threats.
• Collect, analyze, and disseminate threat intelligence to relevant stakeholders.
• Collaborate with external threat intelligence providers and industry peers to stay informed about the latest threats.
• Integrate threat intelligence into security operations and incident response processes.
• Provide actionable intelligence to enhance the bank's security posture and mitigate risks.
• Support risk assessments and vulnerability analysis to identify potential threats (ISMS/Projects/Change/Thematic).
• Support threat modelling as part of DevSecOps and other change activity.

Requirements

Experience and Qualifications

• Minimum of 10 years of experience in information security, with at least 3 years in a leadership role.
• Strong knowledge of security frameworks (e.g., ISO 27001, NIST).
• Experience with security architecture and design.
• Excellent understanding of regulatory requirements (e.g., GDPR, PCI-DSS, UAE-specific regulations).
• Experience of Threat Modelling (MITRE ATT@CK, STRIDE, OWASP etc)
• Bachelor's degree in Computer Science, Information Security, or a related field.

Skills

• Proven ability to manage and lead a team.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.