445 Information Security Manager jobs in the United Arab Emirates

Role: Business Support Senior Officer

Location: Abu Dhabi

Role Purpose:

• This position plays a vital role in driving business information security management reporting to the chief information security officer (CISO) as the primary point of contact internally and externally.
• The incumbent will hold a management role, responsible for managing information security changes and improvement initiatives.
• They will work closely with the CISO, all GISD leaders, Emiratization department in HR, and new joiners, as well as other GISD management teams, to follow up on GISD performance measures and assist in the delivery of information security cross-unit initiatives.
• In addition, this role will support information security management in coordinating initiatives between GISD and executive management stakeholders, other business functions departments, IBGs, and ADIB subsidiaries' central bank, and the UBF.

Key Accountabilities of the Role:

• Ensure full responsibility for emiratization projects and development within the GISD team and maintain a healthy ratio according to ADIB goals.
• Responsible for CISO office communication to external departments and subsidiaries.
• Ensure the follow-up action related to GISD staff strategy is tracked across GISD.
• Ensure maintenance of the CISO workbook for GISD leaders prioritization and tracking is done centrally.
• Ensure all recruitment and onboarding are executed timely.
• Ensure external relationship awareness and branding of GISD team is managed and consolidated in alignment with CISO strategy.
• Involved in day-to-day business functions, they coordinate and collaborate with various departments and team members in many organizational structures.
• Handle onboarding of new employees, orientation, and introductory training for new joiners.
• Help build initiatives and create a positive team culture through engagement and initiatives to foster diversity, inclusion, and team building.
• Collaborate with stakeholders to develop and deliver training programs on information security best practices.
• Collaborate with other heads and managers across the Group Information Security Department (GISD) and ADIB to assess their needs and gather inputs.
• Building relationships with GISD leadership teams to understand processes, procedures, and control.
• Promoting self-critical and continuous assessment and improvement cybersecurity culture (people, process, and technology) are brought to light and addressed in an effective, innovative, and timely manner.
• Support CISO with committee and board meeting requirements.
• Reconciles invoices and payment based on monthly spending.
• Work with GISD senior management and leadership team to scope and prioritize information security services.
• Work with the team to support and deliver information security events and activities, including security awareness programs, campaigns, team building.
• Coordinate with HR, Marketing Communication, and other business departments in planning, organizing, and enhancing cyber security branding.
• Act as the point of contact and communicate services status to internal participants and external stakeholders.

Key Responsibilities:

• Manage technical delivery of security services by managed security service providers.
• Serve as key point of contact for information security operational requests.
• Review supplier provided reports and ensure adherence to agreed SLAs.
• Ensure effectiveness of security services provided by managed services provider for detection, prevention, protection and remediation of security incidents.
• Enforce information security controls to meet Etihad security standards, policies and regulatory requirements by managed services provider.
• Provide support for information security investigation requests.
• Report status of information security situational awareness as requested.
• Ensure service provider applies security policies, requirements and controls to all supported platforms.
• Support security services providers to define and document security procedures and configurations.

Required Skills:

• Graduate degree in Computer Science or Management Information Systems.
• A minimum of 5+ years of experience in Cybersecurity.
• Deep knowledge and experience of security technologies and processes delivered in a Managed Security Services environment.
• Understanding of ISO27001, NIST, UAE Govt Cybersecurity standards and international regulations pertaining to Information Security and data privacy.
• Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
• Ability to manage execution of projects by security services providers and internal teams.
• Strong written and oral communication skills required.

Job Title: Senior Information Security Manager

About the Role:

The Senior Information Security Manager is responsible for leading the development and implementation of global best practices in information security, ensuring the safety and security of all systems and applications within our organization.

Main Responsibilities:

• Develop and update comprehensive information security policies and procedures to ensure adherence to industry standards and regulations.
• Monitor and detect potential security threats, respond to and address them promptly, and store relevant data in our databases.
• Present regular reports to identify technical requirements and propose solutions for our organization's policies.
• Daily monitoring of attempts to breach our network and work to eliminate vulnerabilities.

Requirements:

• Bachelor's degree in computer science, IT, or a related field.
• At least 9 years of experience in information security management.
• Familiarity with advanced technologies and future trends.
• Ability to collect and analyze data to provide statistics and recommendations.
• Proficient in using computers, software, and applications.
• Strong language skills in English.
• Familiarity with information management and communications technology.
• Awareness of the latest applications and technologies used in communications.

Job Title: Cybersecurity Incident Response Leader

• The Cybersecurity Incident Response Leader will lead the cybersecurity incident response team oversee its day-to-day operations and manage the SOC shifts.
• This role requires collaboration with various internal teams and departments as well as external partners and cybersecurity agencies to ensure an effective and timely response to all security incidents.
• The leader must demonstrate strong leadership skills encourage teamwork optimize team performance and develop incident response strategies.
• Additionally this position demands hands-on expertise in handling complex L3 security incidents from detection to disposition including leveraging AI-driven threat detection and automated incident response tools.
• The role also requires strong crisis management and stakeholder communication skills to effectively coordinate during high-impact security events.

1. Lead the cybersecurity incident response team managing both the day-to-day operations and the strategic development of incident response capabilities.
2. Develop oversee and refine incident response plans playbooks and strategies to ensure rapid and effective response to security breaches.
3. Maintain and enhance information security monitoring processes tools and technologies driving continuous improvements and reducing gaps between current and ideal states.
4. Demonstrate adaptability and innovation to address evolving threat landscapes continuously enhancing the response approach.
5. Directly handle L3 security incidents overseeing their detection analysis containment and resolution.
6. Supervise the staff's utilization of security monitoring tools and ensure high levels of team performance and engagement.
7. Coordinate with threat intelligence monitoring teams and other security functions to effectively communicate incident findings to leadership and relevant stakeholders.
8. Implement and maintain robust incident response frameworks including industry standards such as NIST MITRE ATT&CK and best practices for coordinated response efforts.
9. Prepare and present post-incident reports including lessons learned and recommendations for preventive measures to executive management.

• Proven experience in managing security operations centers and incident response teams.
• Demonstrated capability in hands-on management of L3 security incidents from detection through to disposition.
• Strong leadership skills with the ability to motivate and guide teams.
• Expertise in information security principles the cyber threat landscape and incident response protocols.
• Excellent communication and interpersonal skills to interact with various business units and IT departments.
• Knowledge of ISO 27001 NESA PCI DSS SWIFT and other information security standards and regulations.
• Familiarity with incident response frameworks (NIST MITRE ATT&CK) and best practices in managing cybersecurity incidents.
• Ability to manage multiple tasks with high attention to detail and organizational skills.
• Bachelor's degree in engineering IT or a related technical discipline.
• Relevant certifications in cybersecurity and incident management (e.g. CISSP CISM GCFA GCIH).

Ideal Candidate Profile:

A seasoned professional with over 10 years of experience in information security particularly in incident management and response within banks or financial institutions.

Strategic thinker with excellent problem-solving skills.

Collaborative team player with exceptional communication and interpersonal skills.

Results-driven leader with a proven track record of success in managing security operations centers and incident response teams.

Accountabilities and Key Roles:

• Lead the Bank's Cybersecurity Strategic vision, while aligning with business strategy
• Supervise cybersecurity program revision and implementation, along with managing the coordination with IT teams and aligning tasks for better overall efficiency and stronger program.
• Close coordination IT and Operational teams for an ongoing assessment of deployed and new technologies and process to ensure comprehensive monitoring and timely remediation of any potential (Confidentiality, Integrity & Availability) threats.
• Act as a key advisor to executive management on information and cybersecurity risks, controls, and governance, to ensure alignment with business objectives, risk appetite and regulations.
• Drive a culture of security across the organization by promoting awareness, training, and an understanding of cybersecurity risks among all employees and stakeholders.
• Stay updated with all applicable regulations (Cyber, IS, I&T, Cloud and Privacy) to ensure full alignment of AB Cyber & Information Security policies and framework.
• Plan detailed development and enforcement of full Cyber & Information Security Risk Assessment Framework with relevant KPI/KRIs to different operational levels.
• Manage the automation of Cyber & Information Security framework, with accurate and real-time monitoring against established controls (People, Process & Technology) KRIs and Risk Appetite, including timely view at all stakeholders' levels including executives management.
• Ensure proper management of Asset Management Process commissioning and decommissioning to ensure proper (Identification, Classification & Labelling) across the Bank eco-system (including 3rd parties and cloud services).
• Manage of Access Management Process, staff access (Provisioning, transfer and departure) as well as asset authority matrices to ensure full unique identity, accountability, and segregation of duties across the Bank eco-system (including 3rd parties and cloud services).
• Monitor the results of all PT, External/ VA, Configuration Compliance, Internal/External Audit Reports (including Independent 3rd party due diligence or assessment of the Bank compliance with best practices), Controls (Technology & Process) effectiveness evaluation activities across the Bank eco-system with real-time integration into the Bank Enterprise GRC (Governance, Risk, and Compliance) solution.
• Handle regular and add-hoc executives communications and regulators.

Job Requirements:

Education

:

• Bachelor's degree in in Information Technology, or information systems or any related field from a recognized university, a business administration degree is a plus.
• At least 3 of relevant professional certifications CISM, CRISC, CGEIT, CISSP, CSA CCSK, etc.

Experience

:

• Minimum of 10 years of experience in IS experience in a leading regional or international organization, with a minimum of 5 years managing teams across multiple locations including remote.

Competencies

:

• Good managerial skills and Problem Solving skills.
• Fluent in Arabic and English.
• Excellent computing and analytic modeling skills
• Very Good experience in implementing and auditing information security standards (ISO 27001, NIST CSF, CSA-CCM, CobIT).
• In-depth understanding of developing information security policies and standards, risk assessment process, vulnerability assessment tools, and information security technologies.
• Good project management skills.
• Excellent interpersonal, communication, and presentation skills.
• Ability to interact effectively with senior management and regulators.

What We Offer at Arab Bank

At Arab Bank, we offer a purpose-driven and inclusive environment where innovation, continuous learning, and employee wellbeing are at the core. We are proud to welcome individuals of all generations, genders, and backgrounds, valuing the diverse perspectives that strengthen our culture and contribute to our success.

One of our Business Unit in Crypto Exchange is seeking IT Security Manager who can lead the development and execution of robust security strategies to protect digital assets, wallets, and blockchain infrastructure including hot/cold wallet infrastructure, smart contract risk, blockchain node integrity, cross-chain bridge integrations, and regulatory-grade compliance.

• Design and enforce a zero-trust cryptographic infrastructure: HSMs, MPC wallets, Multi-sig key schemes, hardware vaults.
• Build automated key lifecycle policies: generation, backup, rotation, destruction, access governance.
• Manage and harden hot wallet logic, withdrawal queues, velocity controls, and anomaly detection (Tx fingerprinting, withdrawal heuristics).
• Perform continuous threat modeling and adversarial testing across smart contracts, exchange logic, oracle integrations, bridges, and custody flows.
• Detect and respond to advance on-chain threats: MEV front-running, oracle manipulation, flash loan exploits, contract upgrades, reentrancy, etc.
• Audit and secure blockchain nodes (Ethereum, Bitcoin, Solana, etc.) include network exposure, data integrity, consensus participation, and signing operations.
• Conduct red/blue team exercises targeting wallet flows, APIs, admin consoles, settlement systems, and internal ops.
• Integrate custom rules into SIEM (Splunk, Sentinel, or Web3-native SIEM) for detecting unusual blockchain behavior, compromised keys, etc.
• Lead postmortems and forensic investigations for any suspected compromise or wallet manipulation.
• Map technical security controls to UAE VARA, Travel Rule, FATF VASP guidance, and ISO 27001.
• Lead internal and third-party audits for smart contracts, custody models, and key access policies.
• Design crypto-native incident reporting frameworks to align with local regulators, exchanges, and law enforcement.
• Drive a culture of security by designing across products, backend, and DevOps teams.
• Present regular security risk updates to C-levels and investors — focusing on digital asset resilience and fraud mitigation.
• Implement robust cybersecurity measures to protect systems and data.
• Conduct regular independent penetration testing (PT) and vulnerability assessments (VA) to ensure optimal security.
• Maintain a Business Continuity and Disaster Recovery (BCDR) plan to minimize disruptions in the event of incidents.

Education & Experience

• Bachelor's degree in Cybersecurity , Information Security with 8-10 years of experience in the cybersecurity domain with 3-5 years in crypto/blockchain environment (CEX, DEX, custodians, wallets, or Layer-1s).
• Proven experience securing in Multi-sig, MPC, HSM or threshold key architectures, Smart contracts in Solidity, Vyper , Web3 protocols, bridges, DeFi integrations.

Scope and Purpose

Information Security Senior Assistant Manager operates in close cooperation with the local Information Security Officer (ISO) and with the Head Office teams to ensure the definition of the objectives for the Cybersecurity and Business Continuity Programs and monitors compliance with such objectives.

Specific accountabilities of the Information Security Assistant Manager in support of the local ISO:

• Responsible for the oversight of the state of information security and cybersecurity and provides periodic reports (at least annually) on the state of information security to Top management
• Adopt, implement and update Cybersecurity policies, rules, processes and procedures in line with Head Office regulatory Framework
• In reporting to the Top Management, considers to the extent applicable the confidentiality of Nonpublic Information and the integrity and security of Information Systems, the cybersecurity policies and procedures, the material cyber risks, the overall effectiveness of information security and cybersecurity program and possible material cybersecurity events involving the branch
• Work strategically with Head Office to ensure that all aspects of information security and cybersecurity are properly monitored and that security projects and tasks are properly coordinated
• Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies and procedures
• Identify and evaluate changes in local regulations, as well as trends in the Information Security and Cybersecurity sector, such as new products, new attacks and new countermeasures for applicability inside the Branch environment
• Ensure the local execution of Business Continuity activities, including periodical Business Impact Analysis, tests and reporting, in line with the Group model.
• Work with information owners in business units to determine appropriate security objectives
• Monitor network activity for malicious activity
• Monitor and evaluates vulnerability reports, vendor hot-fixes, and vendor patches for applicability to deployed technologies
• Monitor the process of creating, changing, or removing user access across all systems
• Monitor the access control program. Ensure that all appropriate documentation pertaining to the recording of account creations, deletions, and permissions are correctly maintained and approved
• responsible for the Cybersecurity and Business Continuity Training Programs

Required Experience

Previous experience in a similar role preferable.

Required Qualifications, Skills and Knowledge

• Bachelor's in computer science, Information Technology or related field;
• Master's degree a plus;
• Background in assuring high level of Information Security management and Business Continuity management in an organization;
• IT/Info/Cyber Security risk management knowledge, including application risk classification and application control assessments;
• Knowledge of financial industry products and related IT platform, a plus.

About us

We are the leading banking group in Italy and one of the Top Tier in Europe. Join us and be part of our successful story

With over 20 million customers in Italy and abroad, we are a true engine of sustainable growth, with a strong commitment to the environment and a tangible impact on society. People are our driving force. We take care of them and foster an inclusive culture where everyone feels valued and empowered.

Join an international and innovative Group. Don't wait for the future, choose it

CSO - Information Security Assistant Manager

Join to apply for the CSO - Information Security Assistant Manager role at Intesa Sanpaolo

Information Security Senior Assistant Manager operates in close cooperation with the local Information Security Officer (ISO) and with the Head Office teams to ensure the definition of the objectives for the Cybersecurity and Business Continuity Programs and monitors compliance with such objectives.

• Responsible for the oversight of the state of information security and cybersecurity and provides periodic reports (at least annually) on the state of information security to Top management
• Adopt, implement and update Cybersecurity policies, rules, processes and procedures in line with Head Office regulatory Framework
• In reporting to the Top Management, considers to the extent applicable the confidentiality of Nonpublic Information and the integrity and security of Information Systems, the cybersecurity policies and procedures, the material cyber risks, the overall effectiveness of information security and cybersecurity program and possible material cybersecurity events involving the branch
• Work strategically with Head Office to ensure that all aspects of information security and cybersecurity are properly monitored and that security projects and tasks are properly coordinated
• Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies and procedures
• Identify and evaluate changes in local regulations, as well as trends in the Information Security and Cybersecurity sector, such as new products, new attacks and new countermeasures for applicability inside the Branch environment
• Ensure the local execution of Business Continuity activities, including periodical Business Impact Analysis, tests and reporting, in line with the Group model.
• Work with information owners in business units to determine appropriate security objectives
• Monitor network activity for malicious activity
• Monitor and evaluates vulnerability reports, vendor hot-fixes, and vendor patches for applicability to deployed technologies
• Monitor the process of creating, changing, or removing user access across all systems
• Monitor the access control program. Ensure that all appropriate documentation pertaining to the recording of account creations, deletions, and permissions are correctly maintained and approved
• Responsible for the Cybersecurity and Business Continuity Training Programs

Previous experience in a similar role preferable.

• Bachelor's in computer science, Information Technology or related field;
• Background in assuring high level of Information Security management and Business Continuity management in an organization;
• IT / Info / Cyber Security risk management knowledge, including application risk classification and application control assessments;
• Knowledge of financial industry products and related IT platform, a plus.

We are the leading banking group in Italy and one of the Top Tier in Europe. Join us and be part of our successful story

With over 20 million customers in Italy and abroad, we are a true engine of sustainable growth, with a strong commitment to the environment and a tangible impact on society. People are our driving force. We take care of them and foster an inclusive culture where everyone feels valued and empowered.

Join an international and innovative Group. Don't wait for the future, choose it

• Entry level

• Full-time

• Finance

• Banking and Investment Banking

CSO - Information Security Assistant Manager - Abu Dhabi Branch

Date: Sep 10, 2025

Location:

Abu Dhabi, AE

Information Security Senior Assistant Manager operates in close cooperation with the local Information Security Officer (ISO) and with the Head Office teams to ensure the definition of the objectives for the Cybersecurity and Business Continuity Programs and monitors compliance with such objectives.

Specific accountabilities of the Information Security Assistant Manager in support of the local ISO:

• Responsible for the oversight of the state of information security and cybersecurity and provides periodic reports (at least annually) on the state of information security to Top management
• Adopt, implement and update Cybersecurity policies, rules, processes and procedures in line with Head Office regulatory Framework
• In reporting to the Top Management, considers to the extent applicable the confidentiality of Nonpublic Information and the integrity and security of Information Systems, the cybersecurity policies and procedures, the material cyber risks, the overall effectiveness of information security and cybersecurity program and possible material cybersecurity events involving the branch
• Work strategically with Head Office to ensure that all aspects of information security and cybersecurity are properly monitored and that security projects and tasks are properly coordinated
• Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies and procedures
• Identify and evaluate changes in local regulations, as well as trends in the Information Security and Cybersecurity sector, such as new products, new attacks and new countermeasures for applicability inside the Branch environment
• Ensure the local execution of Business Continuity activities, including periodical Business Impact Analysis, tests and reporting, in line with the Group model.
• Work with information owners in business units to determine appropriate security objectives
• Monitor network activity for malicious activity
• Monitor and evaluates vulnerability reports, vendor hot-fixes, and vendor patches for applicability to deployed technologies
• Monitor the process of creating, changing, or removing user access across all systems
• Monitor the access control program. Ensure that all appropriate documentation pertaining to the recording of account creations, deletions, and permissions are correctly maintained and approved
• responsible for the Cybersecurity and Business Continuity Training Programs

Previous experience in a similar role preferable.

• Bachelor’s in computer science, Information Technology or related field;
• Background in assuring high level of Information Security management and Business Continuity management in an organization;
• IT/Info/Cyber Security risk management knowledge, including application risk classification and application control assessments;
• Knowledge of financial industry products and related IT platform, a plus.

We are the leading banking group in Italy and one of the Top Tier in Europe. Join us and be part of our successful story!

With over 20 million customers in Italy and abroad, we are a true engine of sustainable growth, with a strong commitment to the environment and a tangible impact on society. People are our driving force. We take care of them and foster an inclusive culture where everyone feels valued and empowered.

Join an international and innovative Group. Don't wait for the future, choose it!

#sharingfuture

We guarantee an inclusive and equal environment. We will consider all applicants regardless of race, religion, sexual orientation, gender identity, marital status, national origin, age, disability, or any other protected category in compliance to D.lgs. 198/2006, 215/03 and 216/03.

For the evaluation of the application, the data will be processed by Intesa Sanpaolo S.p.A. as Data Controller. We invite you to review the dedicated Privacy Information Notice for more details.