
Information Security Manager

ZainCash
Full-time
On-site
Baghdad, Baghdad Governorate, Iraq

Create, maintain, and enforce information security policies, standards, and procedures.

Ensure full alignment with CBI requirements and support audits, regulatory reviews, and compliance assessments.

Lead the execution and maintenance of PCI DSS, ISO 27001, ISO 22301, and related programs.

Security Operations and Monitoring

Oversee continuous monitoring of systems, networks, and digital channels for threats and vulnerabilities.

Guide security operations analysts in managing alerts, incidents, and escalations.

Review vulnerability assessments and penetration testing reports and ensure timely remediation.

Risk Management and Controls

Identify cyber risks across platforms including mobile apps, core banking middleware, and cloud or on-premises infrastructure.

Develop risk mitigation plans and track progress with relevant teams.

Lead security reviews for new products, features, and integrations.

Incident Response and Crisis Management

Maintain an effective incident response plan.

Lead investigation and root cause analysis for security incidents.

Coordinate with legal, compliance, operations, and executive leadership when required.

Security Architecture and Access Management

Ensure secure design of systems, integrations, and APIs across the ZainCash ecosystem.

Review network segmentation, access controls, firewalls, IAM solutions, and encryption practices.

Collaborate with DevOps and Infrastructure teams to embed security in CI and CD practices.

Awareness and Training

Run periodic security awareness sessions for employees and vendors.

Promote a culture of accountability and secure behavior across teams.

Bachelor's degree in Computer Science, Computer Engineering, Information Security, or a related field

Recognized certification required, such as CISSP, CISM, ISO 27001 Lead Implementer, and CCISO

Advanced certification preferred, for example CISSP or CISM

PMP certification is a plus

Experience:

Minimum six years of experience in information security or cybersecurity roles

Minimum two years in a managerial or supervisory position

Experience in fintech, digital payments, banking or telecom environments is required

Hands-on experience with PCI DSS, ISO 27001, or other regulatory programs is required

Skills:

Strong knowledge of security frameworks including NIST, COBIT, PCI DSS, ISO 27001, ISO 22301

Hands-on experience in SIEM solutions, endpoint protection, SOC operations, and threat intelligence

Technical skills in networking, firewalls, web application security, IAM, encryption, and secure coding practices

Understanding of cloud environments, virtualization, containers, DevSecOps and API security

Experience with tools such as Splunk, Wazuh, Qualys, Burp Suite, Nessus

Strong analytical and investigative ability with clear written and spoken communication

Fluent English written and spoken

Native Arabic written and spoken
