Our client is a well-known large bank based in the UAE. They are looking to hire a Head of Technology Operations to be based in Dubai will be reporting to the Chief Information Officer.
This role at the bank leads technology governance, risk, compliance (GRC), and service management to ensure regulatory compliance, optimize risk mitigation, and enhance service delivery. Acting as a trusted advisor to senior management, the role focuses on strategic guidance, crisis management, and driving innovation in regulatory solutions. This position also collaborates with departments across Legal, HR, Compliance, and Information Security to manage emerging risks and align technology initiatives with bank priorities
Key Result Areas
- Strategic Leadership: Develop and implement the strategic vision for the Technology Operations unit, aligning it with business objectives. Lead and mentor the Governance, Risk, and Compliance (GRC) unit and Tech Service Management teams, fostering a culture of continuous improvement.
- Risk & Compliance Management: Design and enforce robust risk management frameworks, policies, and procedures to identify, assess, and mitigate cybersecurity, data privacy, and other tech-related risks. Oversee vulnerability assessments, ensuring secure data, systems, and networks, and manage processes like risk mitigation, transfer, deviation, and acceptance.
- Technology Governance & Service Delivery: Implement governance frameworks, ensure adherence to industry and regulatory standards (GDPR, BSA/AML/OFAC), and perform periodic audits. Collaborate on budget planning, cost optimization, and service delivery improvement.
- Stakeholder Collaboration: Work closely with senior executives, including the CRO, CCO, and CIO, aligning strategies, overseeing projects, and reporting to senior management and regulatory bodies. Maintain effective communication with stakeholders, auditors, and regulators.
- Vendor & Partnership Management: Govern technology vendor relationships, including contractual reviews and performance evaluations, while providing technology risk advisories across units. Lead GRC working committees, ensuring risk compliance and project management within scope and budget.
Knowledge, Skills And Experience
- Should have 15 years of experience in Information Technology / Technology GRC / Operation Risk Management / Information Security/ IT Audits
- Excellent communication skills (both written and verbal), and the ability to communicate with influence on Executive management, and technical, and non-technical staff.
- Proficient technical skills, including change management, operating systems and data sources knowledge, performance metrics and reporting, technical problem resolution, project management, and vendor management.
- The candidate must be able to multitask, oversee changing priorities and work independently in a fast-changing environment. The scope will include metrics reporting, action tracking, project status reporting, and responsibility for the delivery of short-term initiatives.
- The candidate must be able to communicate and engage effectively with all levels of management across both technology and business areas, be able to articulate the risk exposure, advise stakeholders of the mitigation requirements status as well as provide clear and concise updates on various key projects.
- Proficient working knowledge within the following risk domains/technologies:
- Database and application security
- Cloud computing, RPA, and emerging technologies
- IT Architecture
- System/Access Administration
- Network Architecture
- Vulnerability Management, Cyber Security, Information Security Compliance
- General Information Technology Controls
- Comfortable with articulating security-related concepts to a broad range of technical and non-technical staff, including executive management.
- Proficient risk assessment, interpretation, analytical and negotiation skills.
- IT Risk Management/Audit industry certification (such as CISSP, CISA, CRISC, etc.) required.
- Working knowledge and implementation expertise in security standards and industry frameworks like ISO 27001/2, ISO 22301, COBIT, PCI DSS, SSAE16, NIST, security auditing, and risk management
- Cross-border team management experience, strong organizational, team building and leadership qualities.