Senior Compliance Officer
Dubai, United Arab Emirates
Lean Technologies
About the Job
We are looking for a Security Compliance Officer to lead Lean’s regulatory compliance efforts and ensure our security frameworks align with the highest industry standards. This role will be critical in maintaining ISO 27001, SOC 2, UAE NESA, and UAE Central Bank compliance, managing security audits, risk assessments, and data privacy requirements across the company.
Additionally, this role will support UAE banking license security requirements and work closely with engineering, legal, and risk teams to implement security best practices while enabling Lean’s growth in the Open Banking sector.
Who are we
Lean enables companies to seamlessly connect to their users’ bank accounts to initiate real-time payments and retrieve their account information. Our products have garnered the trust of leading companies and enabled them to deliver powerful experiences when connected with a user’s bank account, allowing users to perform prudent financial planning, get better rates on loans, transfer money to friends, and more, without compromising on privacy or security.
Some of Lean’s clients include the likes of Binance, Etisalat Group, Careem, Sarwa, and many more, making it the region’s most valuable Open Banking platform. The company has now processed hundreds of millions of dollars, and its products are also connected with hundreds of thousands of accounts. Lean envisions a fully inclusive financial ecosystem that serves everyone, no matter where they bank or live in the MENAP region.
Responsibilities
Ensure Regulatory Compliance – Maintain and enforce SOC 2, ISO 27001, UAE NESA, and UAE Central Bank security compliance frameworks.
Lead Internal & External Audits – Prepare for security audits, certification renewals, and regulatory assessments.
Support UAE Banking License Applications – Ensure Lean meets all security requirements necessary for banking license applications and ongoing compliance.
Risk Assessment & Management – Identify, assess, and mitigate security risks while ensuring proper reporting to regulators and senior management.
Data Privacy & Protection – Implement data privacy policies and compliance measures across the company, ensuring alignment with UAE data protection laws and other relevant regulations.
Third-Party & Vendor Security – Conduct security due diligence for vendors, ensuring compliance with Lean’s security policies and contractual requirements.
Security Awareness & Training – Implement security awareness programs and educate employees on compliance, fraud prevention, and data protection best practices.
Governance & Reporting – Provide security & compliance reports to senior management and regulators, ensuring Lean’s risk posture remains strong.
Minimum Qualifications
7-10 years of experience in security compliance, risk management, or regulatory security in fintech, banking, or financial services.
Deep expertise in ISO 27001, SOC 2, UAE NESA, and UAE Central Bank regulatory requirements.
Proven track record of managing security audits, certification processes, and banking license security requirements.
Experience with data privacy frameworks (e.g., GDPR, UAE data protection regulations) and implementing company-wide data security policies.
Hands-on experience with SIEM, EDR (e.g., BitDefender), IAM/PAM tools, and cloud security (preferably GCP).
Strong understanding of data encryption, secure data transfer, and data residency requirements.
Experience conducting third-party security risk assessments and vendor security reviews.
Strong communication skills, with the ability to collaborate with technical and non-technical stakeholders.
Desired Qualifications
CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer, or similar certifications are highly preferred.
Experience with SAMA CSF and exposure to KSA security frameworks (e.g., SAMA cybersecurity regulations, banking security standards, or experience with SAMA audits) is a plus.
Familiarity with Open Banking security, API security, and financial sector compliance challenges.
Knowledge of GRC tools for tracking compliance, audits, and risk reporting.
NB. While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply!!
Why Join us?
Lean is the first regulated open banking and open finance company operating across the UAE and Saudi Arabia. Since 2019 we've been on a mission to become the pre-eminent A2A payments company in the Middle East - enabling our clients to seamlessly connect to their users’ bank accounts to initiate real-time payments and retrieve account information. Our products have garnered the trust of some of the leading companies in the region, including the likes of Etisalat Group, Careem, Binance, Tabby, Tamara, Tawuniya, and more.
To date, Lean has processed billions of dollars, and our products have connected with hundreds of thousands of accounts across the region. We've recently announced our $67.5 million Series B funding round led by General Catalyst, following earlier investment from Sequoia Capital. This funding marks a major milestone for Lean and the financial ecosystem across the MENA region. At Lean, we’re committed to driving the next generation of financial innovation by making financial data and payments more accessible and transparent for businesses and consumers alike.
To that end, we're always on the lookout for talented, driven, and entrepreneurial candidates to join us in our mission of enabling the next generation of financial innovation. If you're motivated by solving hard problems and leaving a lasting legacy while you're at it, Lean's where you need to be.
Not only do we offer competitive salaries, private healthcare, and flexible office hours, but we also insist that every member of the team hold a meaningful equity stake in the business to ensure long-term alignment. We'd love you to join us for this journey!
Lean is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
When you apply for a job at Lean Technologies, we will need to collect, use and share Personal Data about you with different members of our team during the application process. This may mean transferring your data to members of the team in one of our office locations worldwide outside of the country you are in. Please refer to our Privacy Notice on our website for more information about how we may use and store your Personal Data.
Tags: APIs Audits Banking CISA CISM CISSP Cloud Compliance EDR Encryption Finance FinTech GCP GDPR Governance IAM ISO 27001 Privacy Risk assessment Risk management SIEM SOC SOC 2
Perks/benefits: Career development Equity / stock options Flex hours