Now it’s your time to join the #1 bank in the Middle East and one of the most prestigious financial companies in the region. Shaking up the world of banking requires a lot of smarts and skill. We’re looking for the brightest and best to help us reach our goals and we’ll also help you reach yours. Your success is our success as you grow stronger in your career. Join us and leave a legacy of your own, as a pioneer in both the company and the industry.

FAB, the UAE’s largest bank and one of the world’s largest and safest institutions, offers an extensive range of tailor-made financial solutions, products and services. Headquartered in Abu Dhabi the bank’s international network spans five continents.

EAIWS IEC is looking for a Infra Audit & Remediation Principal Analyst with experience and expertise in Infrastructure and IT Security, Risk management, audit and regulatory compliance. You will be a technical leader and exemplary practitioner. 

• As a Principal Analyst you will be responsible to facilitating end-to-end Audit, Security reviews & RCSA activities until closure of observations.
• Responsible for providing necessary technical support which includes design, security and infra domain to facilitate in evaluating and remediating audit & security observations.
• Assisting in providing management response to Audit observations, and dashboard reporting on the status of the identified risk observations.
• Presenting findings and recommendations to senior management within IT with the proposed actions and the timelines to remediate.
• Regular interactions with all internal teams like Infra teams, Network & Security team, telecom team & vendor co-ordination etc. as well for remediation.

You will need exceptionally strong technical skills, strong business acumen, analytical skills, and be able to deal with ambiguity in a fast-paced environment. 

The degree or level of the job accountabilities is dependent upon the grade of the Jobholder in the Jobholder position. The job accountabilities for the Jobholder include, but are not limited to the following:

• Managing the audit and remediation engagements for EAIWS.
• Interacting with the internal teams and work collaboratively for closure.
• Participate in regular meetings with IT Risk & Governance team to track and update the progress of the observations.
• Interacting with  Infra team wherever  necessary and troubleshoot challenges  wherever encountered.
• Evaluate and assess the remedial measures for the observations logged in JIRA tool.
• Meticulously track the items for closure.
• Carry out assignments, alone or as part of a team, applying knowledge, skills, and experience.
• Demonstrate an understanding of the issues and problems raised and proposes viable solutions within the acceptable scope.
• Maintain detailed knowledge of current practice within own area of expertise.
• Work with business users, IT business and technical support teams and vendors, monitor and report on the progress of required tasks and maintain an emphasis on the early identification and, rectification of problems.
• Provide subject matter expertise to strengthen controls design and implementation effectiveness.
• Work with architecture and security in strengthening the controls implementation and effectiveness.
• Works with Service line teams to support remediation of risk and enhance overall controls posture.
• Manage teams onsite and offsite supporting FAB UAE and International locations.

Specific Accountability

• Assist in the design and implementation of efficient and effective internal controls, operating efficiency and the adequacy of records and recordkeeping.
• Review and appraise policies and procedures for strict compliance with established internal policies and procedures and external regulations as well as safeguarding of all assets.
• Recommend changes and improvements to audit engagement procedures or FAB Information Security and IT policies.
• Develop and present an annual risk assessment for the purpose of identifying and prioritizing potential audits and area of improvement.
• Manage EAIWS Internal & external audits engagement, ensuring efficiency and effectiveness, depth of knowledge, applicability, and to best utilize available resources and achieve established objectives.
• Communicate any internal control weakness and recommendation for complying with findings and legal requirements to Head of Service.
• Keep abreast of all trends and developments in regulatory requirements and security updates; implement and react quickly to any changes to protect FAB EAIWS interests.
• Maintain an effective working relationship with Technology Risk Management, Information Security management and Internal auditors.
• Perform other related duties as required and assigned, consistent with the goals, objectives, and responsibilities of Infra Audit & Remediation function.
• Demonstrate intellectual curiosity and analytical skills in areas of complexity, ambiguity and diversity.
• Demonstrate initiative to develop, implement and direct compliance activities, and to develop appropriate policies and procedures.

Minimum Qualification

•  A  Bachelor's in  Computer Science and/or Master's degree in  business administration, computer science, information science or related field
• Professional certification such as PMP, CISA, CISSP, CISM and CRISC.
• AWS or Azure certified preferred.
• 8+ years of cybersecurity, IT risk management, IT audit and/or compliance experience, preferred within the financial services sector.

Minimum Experience

• Min. Graduate, Master preferred
• At least 10-15 years of experience in Audit & Remediation role
• Experienced in managing the team size of more than 5-10 people
• In depth knowledge of banking & Infrastructure technology is essential and experience of working with cross functional team
• Good stakeholder management capability and worked with Senior Management
• Requires strong ethical conduct and business acumen.
• Requires strong data analysis, analytical and organizational skills.
• Must exhibit a significant level of trust and diplomacy in addition to normal courtesy and tact.
• Must maintain current knowledge and understanding of industry trends and practices in the areas of audit, compliance and risk management.
• Requires excellent verbal and written communication skills. Work will require extensive personal contact with others.
• Subject matter expertise in IT operations & security control domains such as cloud security, application security, change management, disaster recovery, data center operations, information security and networks.
• Experience with cloud transformation risk management journey.
• Exceptional leadership, time management, facilitation and organizational skills including the ability to exercise influence with or without direct management responsibility.
• Strong proficiency of multiple security, IT Compliance and auditing standards and regulatory requirements including but not limited to, NESA, GDPR, MAS, HKMA, NIST 800-53, COBIT, ISO 27001, OWASP, ITILv3, CSA.