Assistant Vice President, Cyber Security

Do you want your voice heard and your actions to count?

Discover your opportunity with Mitsubishi UFJ Financial Group (MUFG), one of the world’s leading financial groups. Across the globe, we’re 150,000 colleagues, striving to make a difference for every client, organization, and community we serve. We stand for our values, building long‑term relationships, serving society, and fostering shared and sustainable growth for a better world.

With a vision to be the world’s most trusted financial group, it’s part of our culture to put people first, listen to new and diverse ideas and collaborate toward greater innovation, speed and agility. This means investing in talent, technologies, and tools that empower you to own your career.

Join MUFG, where being inspired is expected and making a meaningful impact is rewarded.

Independent function to oversee the Branch governance, policies, procedures and controls in relation to cybersecurity including both data and physical security in accordance with the rules and regulations of KSA.

None (o)

• To be a subject matter expert in respect of the Saudi Arabian Monetary Authority (SAMA) – Cyber Security Framework (currently Ver 1.0 – 2017)
• Implement All required outcomes from SAMA Cyber Security framework.
• To maintain the expertise in relation to SAMA Cyber Security Requirements and at all times maintain this level of expertise.
• Developing and maintaining cyber security strategy, policy, architecture and risk management process in order to apply cyber security controls throughout the branch.
• Ensuring that detailed security standards and procedures are established, approved and implemented
• Delivering risk‑based cyber security solutions that address facilities, people, process and technology
• Developing the cyber security staff to deliver cyber security solutions in a business context
• Monitoring of the Cyber Security activities (SOC Monitoring)
• Monitoring of compliance with Cyber Security regulations, policies, standards and procedures
• Overseeing the investigation of Cyber Security incidents
• Gathering and Analyzing threat intelligence from internal and external sources
• Performing Cyber Security reviews
• Conducting cyber security risk assessments on the Members Organisations Information Assets
• Proactively supporting other functions on cyber security, including
• Performing information and system classifications
• Determining cyber security requirements for important projects
• Performing cyber security reviews
• Defining and conducting the cyber security awareness programs
• Measuring and reporting the KRIs and KPIs on cyber security strategy, policy compliance, standards, procedures and programmes.
• Monitoring the cyber security activities in the branch.
• Conducting cyber security risk assessments in the branch information assets
• Supporting other functions on cyber security related matters.
• Establish and Chair Riyadh Cybersecurity Committee.
• Be a representative in the MENA Cybersecurity committee.
• Ensure the periodical cyber security self‑assessments are planned implemented and reported to both Management and as required to SAMA.
• Act as the subject matter expert for Cyber Security region for the MENA Region.
• Development of strong working relationships with colleagues across the Middle East Region and throughout EMEA. Act as culture carrier for the Bank.
• To ensure that the Branches Projects meet cyber security requirements.
• Cyber Security should be integrated into the Branches Project Management methodology to ensure that cyber security risks are identified and addressed as part of a project and that objectives are included into all phases of the project.
• Cyber security risks and issues must be identified within all projects.
• Cyber Security Awareness to create a risk‑aware culture where the branches staff, third parties and customers which will protect the branches information assets.
• Ensure cyber security training and ISSP training are conducted on a specified periodic basis that ensures relevant up to date training is given to all relevant parties within Riyadh Branch.
• Establish Cyber Security training records.
• Proactive management of vendor relationships including the management of any appointed consultants.
• Create necessary strategies and policies in collaboration with the related parties under the guidance of the Head of Riyadh Branch and/or senior management.
• Educate junior staff and improve their skills and working capabilities so that improve the total staff standard.
• Support the Head of Riyadh Branch by taking lead and contributing to establish Riyadh Branch as the best working place in MUFG.

• University degree or equivalent
• CISSP – Qualification or demonstration of working towards this qualification

• Experience of working in the KSA Financial sector for a multi‑national company within IT or Security
• Experience of IT development and administration of KSA in‑country systems such as SARIE.
• Experience of security officer role of KSA in‑country systems such as SARIE.
• Previous experience of ITSM (IT Service Management) and ITIL (Information Technology Infrastructure Library) practice.
• Be sufficiently qualified to undertake the Head of Information Security role as per the requirements of SAMA.
• Being accepted by means of no objection by SAMA for this role.

• Experience of building cyber security governance, strategy, policy and procedures.

• Competent understanding of enterprise IT systems and IT Security technologies
• Ability to produce reports, present confidently and deliver messages that inform and influence
• Excellent project management skills
• Fluency in verbal and written Arabic and English
• Ability to create a branch governance, strategy, policy and procedures
• Ability to identify the gap between corporate cyber security policy, procedures and KSA
• Ability to run the cyber security risk management process
• KSA National

• Prince 2 or PMBOK – Project Management

• Teamwork and Professionalism
• Integrity and responsibility
• Challenge ourselves to grow

*As duties and responsibilities change, the job description will be reviewed and amended in consultation with the job holder. The job holder will carry out any other duties as are within the scope, spirit and purpose of the job as requested by the line manager or Head of Department/Division.

We are open to considering flexible working requests in line with organisational requirements.

MUFG is committed to embracing diversity and building an inclusive culture where all employees are valued, respected and their opinions count. We support the principles of equality, diversity and inclusion in recruitment and employment, and oppose all forms of discrimination on the grounds of age, sex, gender, sexual orientation, disability, pregnancy and maternity, race, gender reassignment, religion or belief and marriage or civil partnership.

We make our recruitment decisions in a non‑discriminatory manner in accordance with our commitment to identifying the right skills for the right role and our obligations under the law.