Assistant Manager, Security Operation & Incident Management (UAE National)

Full time on site
Assistant Manager, Security Operation & Incident Management (UAE National)
Job Description

Dubai, AE Permanent ID: 100352

Description

Operating in the UAE for over 50 years, CBD manages the financial requirements of some of the largest corporates and businesses operating in the country, driving the UAE economy. Over the years, CBD has transformed into a progressive and modern banking institution winning multiple awards for its digital initiatives, credit cards, bank accounts, mobile app features and services.

CBD has been recognized as the number one bank in the UAE on the Forbes list of The World’s Best Banks 2022.

As we continue to build upon our successes, we are looking for ambitious individuals who are passionate about the banking and finance industry and the markets in which CBD operates. Just as important to us is your ability to demonstrate a talent for dealing with people - your colleagues and our customers - and delivering service that really goes the extra mile.

Job Purpose:

We are seeking a highly skilled and experienced Senior Manager, Security Operations \& Incident Management to lead our security operations and manage incident response efforts. This role is critical in supporting the CISO office and ensuring the security and resilience of our IT infrastructure and protecting our bank's data and systems from cyber threats.

Job Responsibilities:

Security Operations:

  • Oversee the daily operations of the Security Operations Center (SOC) working across 1LoD \& 2LoD security teams.

  • Develop and implement security monitoring and incident detection strategies.

  • Ensure the effective use of security tools and technologies to protect the bank's assets.

  • Monitor security alerts and manage the response to potential security incidents.

  • Support the CISO office Conduct regular security assessments and audits to identify vulnerabilities.

Incident Management:

  • Own the incident response plan to address security breaches and incidents.

  • Lead the incident response team in investigating and resolving security incidents (including participation in a 24/7 leadership rota and ad‑hoc out‑of‑hours support, as required).

  • Assess and articulate business, operational, regulatory, and reputational risk arising from security incidents to support executive and regulatory decision‑making.

  • Support risk acceptance, prioritisation, and remediation decisions where residual risk remains.

  • Coordinate with internal and external stakeholders during incident response activities.

  • Conduct post-incident reviews and implement lessons learned to improve security measures.

  • Ensure timely and accurate reporting of security incidents to relevant authorities and stakeholders.

Threat Intelligence:

  • Develop and maintain a threat intelligence program to identify and analyze emerging threats.

  • Translate threat intelligence into measurable business risk, including impact assessment, likelihood, and recommended response options.

  • Collect, analyze, and disseminate threat intelligence to relevant stakeholders.

  • Collaborate with external threat intelligence providers and industry peers to stay informed about the latest threats.

  • Integrate threat intelligence into security operations and incident response processes.

  • Review, triage, and escalate high‑risk threat intelligence and supplier‑related incidents in coordination with the SOC and IT Security teams, including outside normal business hours where risk severity or timeliness requires.

Security Assurance:

  • Support risk assessments and vulnerability analysis to identify potential threats and ensure alignment with the Bank’s risk appetite and regulatory expectations (ISMS/Projects/Change/Thematic).

  • Support threat modelling as part of DevSecOps and other change activity.

Leadership and Collaboration:

  • Provide leadership and guidance to the security team, fostering a culture of security awareness and continuous improvement.

  • Collaborate with other departments to integrate security into all business processes.

  • Stay updated on the latest security threats, trends, and technologies, and share knowledge with the team.

Requirements

Qualifications \& Experience:

  • Bachelor’s degree in computer science, Information Security, or a related field
  • Relevant certifications (e.g., CISSP, CISM) are highly desirable.
  • Minimum of 10 years of experience in information security within the banking industry, with at least 3 years in a leadership role.
  • Strong knowledge of security frameworks (e.g., ISO 27001, NIST).
  • Experience with end-to-end management of security incidents.
  • Excellent understanding of regulatory requirements (e.g., GDPR, PCI-DSS, UAE-specific regulations).
  • Experience of Threat Modelling (MITRE ATT@CK, STRIDE, OWASP etc).
  • Proven ability to manage and lead a team.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal skills.
Share this job:
ES Assistant Online
Hello! I am your AI career assistant. How can I help you today?