Head of Infortmation Security Office

Head of Information Security Office is responsible for developing and leading the enterprise-wide security program, including digital and physical assets and managing cybersecurity. Leading a team of security professionals and partners across domains including governance risk and compliance, security architecture and standards, security operations center, identity and data access management, business continuity, physical security and emergency management.  The HISO will play a critical role in protecting TMB's customers, employees and shareholders from the full range of security threats.   They will define a clear security vision aligned to The Banks risk appetite and work with all stake hodlers to ensure appropriate levels of prevention, detection, and response.

Job Responsibility :

• Define long-term (3- 5 year) goals regarding Information Security which are aligned and support overall Bank's risk appetite levels, security policies and digitization transformation goals. Develop and execute strategic plan to ensure the long-term goals of Information Security Office are reached then cascade down the strategic plan to teams under supervision and working with key external parties to deliver results and monitor the progress of work, seek for solutions where deviation from plan detected.  Manage appropriate escalation where necessary.
• Develop enterprise-wide security programs including digital and physical assets and managing cybersecurity
• Identify, report and control incidents related to security and business continuity
• Monitor threats and take preventative measures to prevent impact to The Bank beyond risk appetite levels
• Control security budget, with a cost-benefit approach to security investment decisions
• Be the key point of contact internally and externally on Information and Cyber Security for TMB 
• Manage Information Security staff and ensure appropriate levels of training for security staff

Qualification :

• Masters Degree in suitable discipline / -CISSP, CISM and/or CISA preferred
• Minimum 12 years in Information Technology or Information Security and 6 years in Management level.
• Knowledge of relevant security standards: NIST, ISO, PCI-DSS and others
• Experience in Security Operations Centre and Security Analytics
• Experience in system and applications security management and control.
• Strong communication skills at all levels of organization.  Strong Leadership , analytical , coordinating, problem-solving skills, initiative and crisis management
• Able to lead agenda within an agile business environment
• Passionate about IT and Cyber security agenda
• Good command in English