Information Security Officer, Saudi Arabia

Information Security Officer, Saudi Arabia

Your role
Do you have a curious mind and a passion for Information Security? The subject of information security is rapidly evolving within the financial industry. You can play an important role and have real impact in shaping and responding to the various challenges in this field. If that piques your interest, and you have an affinity with information security, we have a position for you!

We are looking for someone like you to:

1. be responsible for Cybersecurity and BCM for the entities in Saudi Arabia, facing off to CMA, SAMA, and Tadawul
2. chair a cybersecurity and BCM committee for the entities, ensuring all topics and decisions relevant to the entities are covered in this committee and communicated to senior management
3. ensure the cybersecurity strategy of the bank is implemented in Saudi Arabia, taking local regulatory requirements into account
4. conduct regular self-assessments to ensure compliance with SAMA, CMA, Tadawul, and NCA cybersecurity requirements
5. manage internal and external audit activities related to Cybersecurity and BCM
6. tailor the global UBS employee cybersecurity awareness program to meet local regulatory requirements, and ensure it is effectively implemented
7. collaborate with Information Security colleagues across the region and the central CISO team to ensure knowledge sharing and best practices, and with central cyber threat assessment teams to ensure the threat landscape in Saudi Arabia and the region is well understood
8. coordinate annual BCM testing exercises, including Crisis Management and Cybersecurity simulation tabletop exercises, and ensure the infrastructure and application landscape is appropriately risk-assessed, vulnerability and penetration tested, and track risks until closure

Your team
You'll be based in Riyadh, Saudi Arabia, working alongside the information technology team, a small group of multitalented individuals that provide an array of technology services across Wealth Management, Investment Banking, and Asset Management. This includes onshore trading and wealth management platforms, as well as other regulatory systems such as Watheeq and SARIE. You'll liaise closely with the Compliance and Business teams as well as the CEO and other key stakeholders to ensure that regulatory requirements are met.

Your expertise

1. at least 5 years' experience in a senior information security role, covering governance and regulatory topics
2. familiarity with SAMA and CMA cybersecurity frameworks, Tadawul Members Requirements, NCA Essential Cybersecurity controls, and SDAIA Personal Data Protection Law
3. experience interacting with the key regulators in Saudi Arabia, including SAMA, CMA, and Tadawul, and assessing compliance with their frameworks
4. specialization in cybersecurity with suitable qualifications such as CISSP or postgraduate study in cybersecurity
5. extensive experience working for or consulting to a global organization in one or more of the following areas: Cyber Security, Information Security, CIS Regulatory, Information Technology Audit, Cyber/Information Security Operational Risk Management, or Risk Control
6. experience in a Financial Services organization and investment banking would be beneficial
7. fluent in English with excellent verbal and written communication skills (conveying clear, accurate, and concise information) and can interact with multiple stakeholders at different levels within the organization

About us
UBS is the world's largest and the only truly global wealth manager. We operate through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management, and the Investment Bank. Our global reach and the breadth of our expertise set us apart from our competitors. We have a presence in all major financial centers in more than 50 countries.

Join us
At UBS, we embrace flexible ways of working when the role permits. We offer different working arrangements like part-time, job-sharing, and hybrid (office and home) working. Our purpose-led culture and global infrastructure help us connect, collaborate, and work together in agile ways to meet all our business needs. From gaining new experiences in different roles to acquiring fresh knowledge and skills, we know that great work is never done alone. We know that it's our people, with their unique backgrounds, skills, experience levels, and interests, who drive our ongoing success. Together we're more than ourselves. Ready to be part of #teamUBS and make an impact?