Information Security Lead

About the role:

We are looking for an Information Security Lead. To lead and manage the overall approach to Information Security, Governance, Risk and Compliance. You will be implementing security policies, procedures and execute internal or external audits alongside regulators such as SAMA.Plans, analyses, designs, configures, tests, implements, and maintains Tabby's information security infrastructure responsive to business requirements and applicable regulations.

You’ll be working in a dynamic, rapidly evolving environment with the following responsibilities:

• Develops and manages overall approach to data security and information protection
• Align standards, frameworks and security with overall business and technology strategy
• Design’s security architecture elements to mitigate threats as they emerge
• Audits the collection, use and retention of all personal data within Tabby
• Ensures all Tabby policies around data protection and information security are up to date and fit for purposes
• Leads on the identification of data security and information protection risks across the organisation and works with stakeholders to develop and implement mitigation plans, escalating issues as appropriate
• Acts as a subject matter expert on data security for projects looking to implement new tools, products, or processes.
• Supports the CISO to achieve the highest standards of information security across Tabby’s network
• Oversees maintenance of systems to protect data from unauthorized users
• Develops and maintains process maps, which show how data flows through the organisation
• Leads and facilitates organisational training and communications around data security and information protection issues.
• Oversee incident response planning as well as the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary.
• Implements measures to protect digital files and information systems against unauthorized access, modification, or destruction
• Maintains data and monitor security access
• Develops strategies to respond to and recover from a security breach
• Coordinate’s security plans with outside vendors
• Develop or implement tools to assist in detection, prevention, and analysis of security threats
• Develops modules and leads on awareness training on information security standards, policies, and best practices
• Conducts periodic network scans to find any vulnerability
• Other duties commensurate with the post as required.

You should apply if you are:

• Degree in Information Technology, Computer Science, Software Engineering, or related field
• Knowledge of Information Technology security issues and approaches to manage Information Technology security with a fast paced Fintech environment.
• Knowledge of data protection operations and legislation (GDPR), SAMA CSF, ISO27001, PCI-DSS
• Experience of identifying risks in data security management processes, developing, and implementing remedial action.
• Excellent communication, influencing and stakeholder management skills
• Experience of working across teams to deliver solutions and generate high levels of internal buy-in
• Excellent project management skills and experience of leading on data security projects across multiple locations.
• Experience of developing and delivering training.
• Experience of developing and implementing data security policies and protocols.
• Experience of working in a culturally diverse environment