Dubai, AE Permanent ID: 100352
Operating in the UAE for over 50 years, CBD manages the financial requirements of some of the largest corporates and businesses operating in the country, driving the UAE economy. Over the years, CBD has transformed into a progressive and modern banking institution winning multiple awards for its digital initiatives, credit cards, bank accounts, mobile app features and services.
CBD has been recognized as the number one bank in the UAE on the Forbes list of The World’s Best Banks 2022.
As we continue to build upon our successes, we are looking for ambitious individuals who are passionate about the banking and finance industry and the markets in which CBD operates. Just as important to us is your ability to demonstrate a talent for dealing with people - your colleagues and our customers - and delivering service that really goes the extra mile.
Job Purpose:
We are seeking a highly skilled and experienced Senior Manager, Security Operations \& Incident Management to lead our security operations and manage incident response efforts. This role is critical in supporting the CISO office and ensuring the security and resilience of our IT infrastructure and protecting our bank's data and systems from cyber threats.
Job Responsibilities:
Security Operations:
Oversee the daily operations of the Security Operations Center (SOC) working across 1LoD \& 2LoD security teams.
Develop and implement security monitoring and incident detection strategies.
Ensure the effective use of security tools and technologies to protect the bank's assets.
Monitor security alerts and manage the response to potential security incidents.
Support the CISO office Conduct regular security assessments and audits to identify vulnerabilities.
Incident Management:
Own the incident response plan to address security breaches and incidents.
Lead the incident response team in investigating and resolving security incidents (including participation in a 24/7 leadership rota and ad‑hoc out‑of‑hours support, as required).
Assess and articulate business, operational, regulatory, and reputational risk arising from security incidents to support executive and regulatory decision‑making.
Support risk acceptance, prioritisation, and remediation decisions where residual risk remains.
Coordinate with internal and external stakeholders during incident response activities.
Conduct post-incident reviews and implement lessons learned to improve security measures.
Ensure timely and accurate reporting of security incidents to relevant authorities and stakeholders.
Threat Intelligence:
Develop and maintain a threat intelligence program to identify and analyze emerging threats.
Translate threat intelligence into measurable business risk, including impact assessment, likelihood, and recommended response options.
Collect, analyze, and disseminate threat intelligence to relevant stakeholders.
Collaborate with external threat intelligence providers and industry peers to stay informed about the latest threats.
Integrate threat intelligence into security operations and incident response processes.
Review, triage, and escalate high‑risk threat intelligence and supplier‑related incidents in coordination with the SOC and IT Security teams, including outside normal business hours where risk severity or timeliness requires.
Security Assurance:
Support risk assessments and vulnerability analysis to identify potential threats and ensure alignment with the Bank’s risk appetite and regulatory expectations (ISMS/Projects/Change/Thematic).
Support threat modelling as part of DevSecOps and other change activity.
Leadership and Collaboration:
Provide leadership and guidance to the security team, fostering a culture of security awareness and continuous improvement.
Collaborate with other departments to integrate security into all business processes.
Stay updated on the latest security threats, trends, and technologies, and share knowledge with the team.
Qualifications \& Experience: