Job Description
Position Overview:
We are seeking an experienced and dynamic Head of Network and Security Operations for the banking sector to lead and manage the bank’s network infrastructure and cybersecurity operations. The role is critical in ensuring the stability, security, and resilience of the bank’s IT systems, safeguarding it against evolving cyber threats and maintaining compliance with both local and international regulatory standards. The ideal candidate will have strong technical knowledge of network management, security best practices, and regulatory requirements specific to the banking industry.
Key Responsibilities:
- Leadership & Strategic Planning:
- Lead, mentor, and manage a team of network engineers, cybersecurity professionals, and IT support staff focused on banking network and security operations.
- Develop and implement strategic plans to ensure a secure, robust, and highly available network infrastructure that supports the bank's operations, while aligning with business goals and regulatory requirements.
- Collaborate with senior leadership to define and implement security and network strategies that ensure business continuity and regulatory compliance in the banking sector.
Network Operations Management:
- Oversee the design, implementation, and management of the bank’s network infrastructure, including LAN, WAN, VPN, and cloud-based networks, ensuring maximum uptime and performance.
- Manage critical banking systems' network services such as core banking platforms, payment systems, online banking, and ATM networks, ensuring optimal performance and resilience.
- Ensure robust monitoring, troubleshooting, and capacity management of the bank’s network infrastructure to meet the growing demands of the business.
- Implement network solutions for high availability, disaster recovery, and failover systems, particularly for mission-critical banking systems.
Cybersecurity and Threat Management:
- Lead the development and implementation of a comprehensive cybersecurity strategy that protects the bank’s network infrastructure and sensitive financial data from external and internal threats.
- Ensure the deployment and management of key security technologies, such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), multi-factor authentication (MFA), encryption, and secure access controls.
- Regularly assess the bank's exposure to cyber risks and vulnerabilities, conducting risk assessments, penetration testing, and vulnerability management.
- Respond promptly and effectively to security incidents, breaches, or attacks, with a clear incident response plan and minimizing any business disruption.
Compliance and Regulatory Management:
- Ensure all network and security operations comply with Saudi Arabian Monetary Authority (SAMA) regulations, National Cybersecurity Authority (NCA) guidelines, and other relevant local or international standards, such as PCI-DSS, ISO 27001, and GDPR (if applicable).
- Implement controls to meet SAMA's Cybersecurity Framework and other banking-specific security standards, ensuring the confidentiality, integrity, and availability of banking data.
- Oversee regulatory audits and ensure the bank's network and security posture is continuously aligned with regulatory requirements, including transaction security and anti-fraud measures.
Banking-Specific Network Solutions:
- Ensure that the bank’s core banking systems, online banking platforms, and payment channels (e.g., SWIFT, ATM networks, mobile banking, and card payment systems) are secure, compliant, and fully functional.
- Implement and manage network segmentation and secure communication channels for sensitive financial transactions, such as secure payment processing and communication between branches and data centers.
- Work with internal and external stakeholders to ensure the proper integration of payment gateways, card processing systems, and third-party banking services with the network infrastructure.
Incident Response and Business Continuity:
- Define, maintain, and regularly test the incident response plan to handle any cybersecurity breaches or network failures that impact banking operations.
- Lead efforts to ensure business continuity and disaster recovery plans are in place and rigorously tested for mission-critical banking services.
- Coordinate efforts with disaster recovery teams to ensure minimal disruption during major incidents or cyberattacks.
Vendor and Third-Party Management:
- Manage relationships with third-party vendors and service providers (e.g., telecom, cloud service providers, IT security vendors) ensuring that network and security services meet the bank’s requirements and SLA standards.
- Oversee the procurement and deployment of network and security solutions, including evaluating potential vendors for technology acquisition and ensuring compliance with security and operational standards.
Budgeting and Resource Management:
- Manage the budget for network and security operations within the bank, ensuring optimal allocation of resources for technology upgrades, operational costs, and compliance-related initiatives.
- Recommend and oversee the acquisition of network and security tools, technologies, and solutions that are aligned with the bank's strategic goals.
Continuous Improvement and Reporting:
- Provide regular updates to executive leadership and relevant stakeholders on the status of network and security operations, incidents, vulnerabilities, and compliance efforts.
- Establish and report on key performance indicators (KPIs) for network and security operations, including incident response times, system uptime, and threat mitigation effectiveness.
- Ensure continuous improvement of network and security operations by staying abreast of the latest trends, emerging threats, and best practices in the banking and cybersecurity fields.
Skills and Qualifications:
- Technical Skills:
- Expertise in network management, network security, and infrastructure design within the banking sector.
- Strong experience with network security technologies (e.g., firewalls, VPNs, IDS/IPS, SIEM tools, endpoint protection, encryption).
- In-depth knowledge of payment systems, core banking systems, and transaction processing networks.
- Experience with cloud security for hybrid or multi-cloud environments used by banks.
- Expertise in cybersecurity frameworks and standards (e.g., ISO 27001, PCI-DSS, SAMA Cybersecurity Framework).
- Leadership & Management:
- Proven leadership experience managing a team of network engineers, security specialists, and IT professionals.
- Ability to manage and collaborate with cross-functional teams, including IT, compliance, and risk management teams.
- Strong project management skills, particularly in network upgrades, security initiatives, and disaster recovery planning.
- Compliance Knowledge:
- Deep understanding of regulatory compliance in the banking sector, including SAMA, NCA, PCI-DSS, GDPR (if applicable), and other financial industry standards.
- Experience conducting internal and external audits for network and security compliance.
- Communication and Analytical Skills:
- Excellent communication skills to present complex technical issues to non-technical stakeholders, including board members and senior executives.
- Strong analytical skills to assess risks, vulnerabilities, and make data-driven decisions on network and security operations.
- Certifications:
- Industry-recognized certifications such as CISSP, CISM, CCNP Security, CompTIA Security+, or equivalent are highly preferred.
- Specialized certifications in banking cybersecurity or payment systems (e.g., PCI Professional, Certified Information Systems Auditor (CISA)) are a plus.
Education:
- Bachelor’s degree in Information Technology, Cybersecurity, Network Engineering, or a related field.
- Master’s degree or equivalent experience in Cybersecurity, Network Engineering, or IT Management is an advantage.
Experience:
- 10+ years of experience in IT infrastructure, network management, or cybersecurity, with a focus on the banking sector.
- At least 5 years of leadership experience managing network and security operations within a banking or financial services environment.
- Proven track record in managing core banking systems, payment systems, and network security in a highly regulated environment.