VP & Regional Head - Information Security

  • Full-time
  • Sub Division: International Risk Management
  • Division: Group Risk Management

Company Description

FAB, the UAE's largest bank and one of the world's most secure financial institutions, is dedicated to creating value for its employees, customers, shareholders, and communities. Through innovation, agility, and differentiation, FAB is committed to fostering growth.

We are looking for top talent, and your success is our success. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark at a top company, in an exciting and dynamic industry.

Job Description

Job Purpose:

The Regional Security Head (RSH) will be responsible for managing FAB’s Information Security Program at the regional level.

The Regional Security Head will report to the Head of International Security and shall be responsible for planning, implementing, monitoring, and reviewing the information security program in consultation with the Group Security Office – Head Office team. The RSH shall ensure the information security program is aligned with the regulatory, legal, and statutory requirements of the region and with the business strategy. The Regional Security Head role will operate out of the FAB Regional office and will require travel within the region while fulfilling the responsibilities.

Additional role:

The Information Security Officer (ISO) will be responsible for managing FAB’s Information Security and Data Privacy Program for Singapore. He/She serves as the process owner of the appropriate second-line functional activities related to confidentiality, integrity, availability, privacy and recovery of information owned or processed by the business unit, in compliance with regulatory requirements.

 

Job Responsibilities:

Specific Accountability

  • Security Compliance requirements at respective International location.
  • Highlight security status & concerns to management.
  • Consult with IT and information security staff to ensure that an implementation plan is established.
  • Review and provide recommendations on IS policies, standards, and guidelines/processes with respect to international regulatory requirements
  • Actively participate and contribute to GSO initiatives
  • Track open Audit issues on information security to closure
  • Risk assessments for local implementations
  • Inform HO on any new 3rd party technology vendor for vendor assessment

MAS-Individual Accountability & Conduct

  • Responsible for a Core Management Function of the bank and designated as a Senior Manager
  • Adhering to the Fit and Proper requirements of the bank; being responsible for the actions of the employees and the conduct of the business under their purview
  • Some responsibilities may be delegated, where permitted, to other personnel or committees, but accountability cannot be delegated.
  • Confirm and attest to the Job Description and Balance Scorecard on a periodic basis (if any)
  • Degree of accountability: In determining whether and to what extent you may be accountable for misconduct committed by employees under your purview, factors such as your consent to, level of knowledge of, or participation in the misconduct, or whether you could reasonably be expected to have been aware of the issue or to have taken adequate steps to address it, shall be taken into consideration. The bank shall conduct the necessary investigations and, depending on the facts and circumstances of the case, take the appropriate action, including referring the case to MAS or other relevant authorities where necessary.
  • Responsible for the timely completion and approval of MRP assessments of employees under purview
  • Adhere to the Bank's Code of Conduct


Qualifications

  • Information Security or IT Security or IS Audit background
  • Must have a minimum of 10 years of Information Security experience.
  • Expert knowledge of Information Security domains; should be certified (CISA, CISSP or CISM or any other relevant security certification)
  • Experience in a similar type of role in a multinational business and dealing with regulatory authorities, governments, and industry bodies
  • Experience in managing international security or regional security teams
  • Knowledge of MAS TRM (MAS 644), MAS Cyber Hygiene (MAS 655), HKMA’s TMG1, TMG 2, SA-2 and BYOD requirements, Labuan Financial Authority, CBIRC and other Information Security specific regulations in China, and other applicable regulations.
  • Privacy requirements for the region including Singapore’s Personal Data Protection Act, Hong Kong’s Personal Data Protection Ordinance, China’s Personal Information Protection Law
  • Ability to make good judgments regarding security risk and to prioritize resources and activity around managing those risks
  • Able to conduct the role independently and with integrity
  • Ability to plan, organize and prioritize tasks and projects
  • Good personal communication skills, capable of dealing with a wide range of stakeholders, including senior management
  • Fluent in English (mandatory) and other South East Asian languages (desirable)