Job Summary

The role of Chief Information Security Officer (CISO) for the UAE and Middle East & Pakistan Cluster is a critical leadership position focused on driving the implementation and embedding of the Information and Cyber Security (ICS) Risk Type Framework (RTF) across the diverse countries within the cluster. This position demands a strategic and hands-on approach to enhance the ICS risk management capabilities, ensuring consistent identification, assessment, and mitigation of security risks aligned with compliance and legal requirements while minimizing impact on clients.

The CISO will maintain an overarching perspective of ICS activities, conducting regular risk assessments, monitoring progress, and reporting outcomes to relevant stakeholders and governance forums. Key to this role is fostering strong, collaborative relationships across multiple teams including the Cluster CTOOs/CIOs, CISO groups, Operational Technology and Cyber Risk units, and Security technology teams to ensure effective control deployment and digital footprint management.

In addition to regional responsibilities, this position supports the Wholesale, Retail and Business (WRB) & Markets CISO in advancing the Artificial Intelligence and Digital Assets ICS Security Strategy, reflecting the organization's focus on emerging technologies and digital innovation. The incumbent will drive organizational adoption of a robust security risk framework, embodying exceptional leadership and the ability to influence at all levels within and beyond the organization.

As the designated CISO authority for the region, the role includes overseeing risk profile development, orchestrating risk assessments, and implementing treatment plans tailored to unique country environments while advancing threat scenario-based risk evaluation methodologies. This includes establishing mechanisms to address recurrent cyber issues and promoting stringent cyber hygiene practices to safeguard the bank’s digital assets and operations.

Key Responsibilities

• Lead the rollout and embedding of the ICS Risk Type Framework across all countries within the Middle East & Pakistan Cluster, ensuring alignment with the bank's global risk appetite and regulatory requirements.
• Develop and maintain a comprehensive understanding of the digital footprint across the cluster to inform risk assessments and security control strategies.
• Coordinate with cross-functional teams including technology, operations, and risk management to drive consistent ICS risk identification, assessment, and mitigation practices.
• Manage the execution of Threat Scenario-based risk assessments locally, to capture evolving threats and vulnerabilities pertinent to the regional digital environment.
• Collaborate with the WRB & Markets CISO to advance cybersecurity strategies related to Artificial Intelligence and Digital Assets, positioning the organization as a leader in these critical domains.
• Drive continuous improvement in cyber risk management processes, fostering a culture of risk awareness and regulatory compliance.
• Engage proactively with local regulators, audit teams, and external stakeholders to demonstrate the bank’s risk management capabilities and respond effectively to inquiries and audits.
• Maintain effective communication channels and deliver regular reporting to senior leadership and governance committees on ICS risk posture and remediation progress.

Leadership and Stakeholder Engagement

• The CISO will serve as an inspirational and authoritative leader within the cluster, championing a robust cybersecurity culture and effectively managing relationships with senior executives, technology leaders, and regional partners. This role demands influencing without direct command, using credibility, expertise, and collaborative engagement to drive cybersecurity initiatives across a complex, multinational environment.
• Responsibility extends to cultivating a high-performance team culture that embraces change and innovation, supporting talent development, and ensuring that cybersecurity practices evolve with emerging threats and technological advancements.
• The position also involves balancing strategic oversight with detailed operational focus, ensuring the timely delivery of projects and adherence to regulatory commitments without sacrificing agility or responsiveness.

Risk Management and Compliance

• The successful incumbent will oversee comprehensive ICS risk management, leveraging both qualitative and quantitative data to validate controls and accelerate risk assessment cycles. This includes refining processes to capture emerging risks, ensuring cyber hygiene, and maintaining risk within the bank’s appetite.
• Candidacy will involve crafting specialized risk treatment plans that address thematic cyber challenges, enhancing resistance to evolving threats, and embedding robust controls across technological and operational domains.
• Firm adherence to compliance obligations is essential, with active collaboration with regulatory bodies and audit teams to demonstrate transparency and maturity in ICS risk posture, fostering trust and safeguarding the bank’s reputation.

Innovation and Strategic Initiatives

• This role plays a pivotal part in driving innovative cybersecurity measures aligned with the bank’s strategic priorities around Artificial Intelligence and Digital Asset security. The CISO will collaborate with global counterparts to develop and implement forward-looking strategies that anticipate future threat landscapes and integrate cutting-edge security technologies and methodologies.
• The incumbent will identify opportunities to enhance cybersecurity frameworks, leveraging analytics and emerging tools to streamline risk assessments and strengthen defenses.
• By spearheading these initiatives, the CISO helps position the bank at the forefront of cybersecurity readiness, reinforcing trust with clients and stakeholders and supporting sustained business growth.

• Applicants should demonstrate deep knowledge of the cyber threat landscape and a thorough understanding of ICS controls pertinent to banking operations. Expertise in overseeing complex, multi-year cybersecurity programs within large, matrixed organizations is vital.
• Effective organizational and leadership capabilities are required to manage competing priorities and tight deadlines, ensuring delivery of high-impact outcomes across diverse teams and geographies.
• Strong stakeholder management and communication skills are essential, facilitating productive partnerships internally and externally. Candidates must exhibit a collaborative mindset and a proven ability to foster inclusive, cooperative environments.
• Hands-on experience with change and programme management in the financial services sector will be an advantage, reflecting familiarity with regulatory frameworks and security compliance standards.

Personal Attributes and Competencies

• Action-oriented with the ability to take initiative and drive progress decisively.
• Collaborative approach to problem-solving and team engagement.
• Strong customer focus, ensuring cybersecurity measures align with client expectations and business needs.
• Clear communication, providing direction and guidance with confidence.
• Ability to manage ambiguity and adapt to evolving challenges.
• Commitment to developing talent and fostering continuous learning.
• A visionary mindset with strategic thinking capabilities.
• Resilience and courage to make difficult decisions where necessary.
• High levels of integrity and trustworthiness in managing sensitive information.
• Technical expertise in cybersecurity principles and frameworks, tailored to the financial services context.

Skills and Experience

The ideal candidate will possess extensive experience and professional skills including but not limited to:

• Comprehensive understanding of the Cybersecurity landscape and Application of ICS Controls specific to financial institutions.
• Proven organizational and leadership abilities to manage multiple priorities efficiently.
• Track record of successfully leading complex, global cybersecurity programs with multiple stakeholders across functions and regions.
• Significant experience in change and programme management, preferably in the financial services domain.
• Exceptional stakeholder engagement skills, with an ability to build and maintain strong relationships fostering trust and cooperation.
• Capability to use data-driven methodologies, combining qualitative and quantitative data to assess and mitigate risks effectively.

Qualifications

Educational Background

A degree in Engineering, Computer Science, Information Technology, or a related discipline is expected. Equivalent professional experience may be considered in lieu of formal education.

Professional Experience

A minimum of 15 years in Cybersecurity, with a significant portion gained within the financial services industry, is preferred. Deep expertise in ICS products, cybersecurity operations, and risk management frameworks is critical.

Additional Skills and Knowledge

• Ability to clearly articulate complex technological risks and processes to non-technical senior stakeholders.
• Experience engaging with regulators and auditors to demonstrate compliance and effective risk management.
• Strong interpersonal skills to influence and collaborate across diverse teams and leadership levels.
• Proficiency in communication, including oral, written, and presentation abilities, with strong command of MS Office tools.
• Self-motivated and capable of driving programs independently with minimal supervision.
• Strong analytical thinking and decision-making skills, adept at prioritizing under pressure.
• High ethical standards, resilience, and an unwavering commitment to security excellence.

Additional Role Information

This is a full-time, office-based role located in Dubai, United Arab Emirates, with coverage responsibilities across the Middle East and Pakistan Cluster. The position includes leadership duties and requires significant interaction with senior leaders and regulatory authorities, emphasizing accountability and transparency. Travel within the cluster and to global sites may occasionally be required to fulfill program objectives and stakeholder engagement.

The role offers a unique opportunity to influence cybersecurity strategy at a regional level within a globally recognized financial institution committed to innovation, inclusion, and client-centricity.

About Standard Chartered

Standard Chartered is a leading international bank renowned for its commitment to sustainable growth and inclusive financial services for over 170 years. Operating across multiple continents, the bank empowers individuals and businesses in more than 60 markets with innovative banking solutions.

We pride ourselves on our diverse workforce and inclusive culture where unique talents and perspectives are celebrated. Our core values guide our behavior and decision-making as we strive to make a positive impact in communities and markets around the world.

Joining Standard Chartered means becoming part of a team dedicated to driving commerce and prosperity with integrity, innovation, and a collaborative spirit. We foster a workplace that supports continuous learning, encourages challenge and creativity, and values each employee's contributions.

What we offer

Comprehensive Benefits and Support

In line with our Fair Pay Charter, we provide a competitive compensation package designed to support overall wellbeing and work-life balance.

• Robust retirement savings schemes supported by core bank funding, alongside comprehensive medical and life insurance coverage.
• Flexible and voluntary benefits tailored to meet diverse individual needs in various locations.
• Generous paid time-off policies including annual leave, parental/maternity leave up to 20 weeks, sabbatical opportunities, and volunteering leave to foster community engagement.
• Flexible working arrangements accommodating varied work styles and locations to support productivity and personal commitments.
• Access to leading digital wellbeing platforms, resilience training, employee assistance programs, mental health support, and self-help resources to nurture holistic wellness.
• A culture of continuous learning offering abundant opportunities for professional development, reskilling, and upskilling through diverse learning modalities.
• Active promotion of an inclusive environment where every team member is respected and empowered to reach their full potential.