Chief Information Security Officer (CISO), UAE and Middle East & Pakistan Cluster

The Chief Information Security Officer (CISO) for the UAE, Middle East, and Pakistan Cluster leads the implementation and embedding of the Information and Cyber Security (ICS) Risk Type Framework (RTF) across diverse countries. The role requires a strategic, hands‑on approach to enhance risk‑management capabilities, ensuring consistent identification, assessment, and mitigation of security risks aligned with compliance and legal requirements while minimizing impact on clients. The CISO maintains an overarching perspective ofICS activities, conducts regular risk assessments, monitors progress, and reports outcomes to stakeholders and governance forums. The position also supports the Wholesale, Retail and Business (WRB) & Markets CISO in advancing AI and Digital Assets security strategy, fostering the organization’s focus on emerging technologies and digital innovation.

• Lead the rollout and embedding of theICS Risk Type Framework across the Middle East & Pakistan Cluster, ensuring alignment with global risk appetite and regulatory requirements.
• Develop and maintain a comprehensive understanding of the digital footprint across the cluster to inform risk assessments and security control strategies.
• Coordinate with cross‑functional teams including technology, operations, and risk management to drive consistentICS risk identification, assessment, and mitigation practices.
• Manage the execution of threat‑scenario based risk assessments locally, capturing evolving threats and vulnerabilities pertinent to the regional digital environment.
• Collaborate with the WRB & Markets CISO to advance cybersecurity strategies related to AI and Digital Assets.
• Drive continuous improvement in cyber risk management processes, fostering a culture of risk awareness and regulatory compliance.
• Engage proactively with local regulators, audit teams, and external stakeholders to demonstrate the bank’s risk management capabilities and respond to inquiries and audits.
• Maintain effective communication channels and deliver regular reporting to senior leadership and governance committees onICS risk posture and remediation progress.

• Serve as an inspirational and authoritative leader within the cluster, championing a robust cybersecurity culture and effectively managing relationships with senior executives, technology leaders, and regional partners.
• Cultivate a high‑performance team culture, supporting talent development and ensuring cybersecurity practices evolve with emerging threats and technological advancements.
• Balance strategic oversight with detailed operational focus, ensuring timely delivery of projects and adherence to regulatory commitments without sacrificing agility.

• Oversee comprehensiveICS risk management, leveraging qualitative and quantitative data to validate controls and accelerate risk assessment cycles.
• Craft specialized risk treatment plans that address thematic cyber challenges, enhancing resilience to evolving threats and embedding robust controls across technological and operational domains.
• Collaborate with regulatory bodies and audit teams to demonstrate transparency and maturity inICS risk posture, fostering trust and safeguarding the bank’s reputation.

• Drive innovative cybersecurity measures aligned with the bank’s strategic priorities around AI and Digital Asset security, collaborating with global counterparts to develop forward‑looking strategies.
• Identify opportunities to enhance cybersecurity frameworks, leveraging analytics and emerging tools to streamline risk assessments and strengthen defenses.
• Spearhead initiatives that position the bank at the forefront of cybersecurity readiness, reinforcing trust with clients and stakeholders and supporting sustained business growth.

• Deep knowledge of the cyber threat landscape and a thorough understanding ofICS controls pertinent to banking operations.
• Experience overseeing complex, multi‑year cybersecurity programs within large, matrixed organizations.
• Strong stakeholder management and communication skills, fostering productive partnerships internally and externally.
• Hands‑on experience with change and programme management in the financial services sector.
• Expertise in data‑driven risk assessment and mitigation, ensuring alignment with regulatory frameworks.

• Action‑oriented with the ability to take initiative and drive progress decisively.
• Collaborative problem‑solving and team engagement culture.
• Customer focus, ensuring cybersecurity measures align with client expectations and business needs.
• Clear communication, providing direction and guidance with confidence.
• Adaptability to manage ambiguity and evolving challenges.
• Commitment to talent development and continuous learning.
• Strategic mindset and vision, with resilience and courage to make difficult decisions.
• High integrity and trustworthiness when handling sensitive information.
• Technical expertise in cybersecurity principles tailored to the financial services context.

• Extensive experience and professional skills in cyber security landscape, application ofICS controls for financial institutions.
• Organizational and leadership abilities to manage multiple priorities across functions and regions.
• Track record of leading complex, global cyber security programs with multiple stakeholders.
• Experience in change and programme management, preferably in the financial services domain.
• Strong stakeholder engagement skills, building and maintaining relationships internally and externally.
• Data‑driven methodology, combining qualitative and quantitative data for effective risk mitigation.

A degree in Engineering, Computer Science, Information Technology, or a related discipline is preferred. Equivalent professional experience may be considered in lieu of formal education.

Minimum 15 years in cybersecurity, with a significant portion in the financial services industry. Deep expertise inICS products, cybersecurity operations, and risk management frameworks is critical.

• Ability to clearly articulate complex technological risks to non‑technical senior stakeholders.
• Experience engaging with regulators and auditors to demonstrate compliance and effective risk management.
• Strong interpersonal skills to influence and collaborate across diverse teams and leadership levels.
• Proficiency in communication, including oral, written, and presentation, with strong MS Office tools knowledge.
• Self‑motivation and capability to drive programs independently with minimal supervision.
• Analytical thinking and decision‑making skills, adept at prioritizing under pressure.
• High ethical standards, resilience, and unwavering commitment to security excellence.

The role is full‑time, office‑based in Dubai, United Arab Emirates, with coverage across the Middle East and Pakistan Cluster. It requires significant interaction with senior leaders and regulatory authorities and may involve travel within the cluster and to global sites to fulfill program objectives and stakeholder engagement.

Standard Chartered is a leading international bank renowned for sustainable growth and inclusive financial services. Operating across more than 60 markets, the bank empowers individuals and businesses worldwide with innovative banking solutions.

• Competitive compensation package supporting overall wellbeing and work‑life balance.
• Robust retirement savings schemes and comprehensive medical & life insurance coverage.
• Flexible and voluntary benefits tailored to diverse individual needs.
• Generous paid time‑off policies, including parental/maternity leave up to 20 weeks and sabbatical opportunities.
• Flexible working arrangements to support varied work styles and locations.
• Digital wellbeing platforms, resilience training, employee assistance programs, mental health support, and self‑help resources.
• Opportunities for professional development, reskilling, and upskilling across diverse learning modalities.
• Inclusive environment where every team member is respected and empowered to reach their full potential.