Propel Consult, Bahrain

Senior Manager - Information Security

Project-Based

Description

Job description / Role

Job Type: Full Time
Job Location: Bahrain
Nationality: Any Nationality
Salary: Not Specified
Gender: Not Specified
Arabic Fluency: Not Specified
Job Function: IT - Software & Web Development
Company Industry: Finance, Investment & Asset Management

Lead the development, implementation and continuous improvement of the organization’s information security and business continuity programs. Own cyber risk management, security governance, incident response, third-party security assurance, compliance with relevant regulations (including data protection), and business continuity planning to ensure resilience of critical systems and protection of sensitive data.

General

• Develop, maintain and drive the information security strategy, roadmap and supporting policies aligned to business objectives and regulatory requirements (e.g., ISO 27001, PDPL, PCI DSS).
• Design, implement and continually mature the information security management system (ISMS) and business continuity management system (BCMS).
• Identify, assess and manage cyber and information risks across people, process and technology; maintain the Information Security Risk Register and ensure appropriate remediation and risk acceptance.
• Lead incident response, digital forensics and post-incident reviews; coordinate containment, eradication and recovery activities and ensure timely executive escalation and communication.
• Oversee vulnerability management, patching, penetration testing, secure configuration and remediation tracking.
• Manage security operations oversight: SIEM monitoring, alerts triage, threat detection, endpoint protection and cyber threat intelligence coordination.
• Ensure secure design and control integration across IT projects, application development and cloud/on-premise deployments (security by design).
• Oversee third-party and supply-chain security assessments, contractual security requirements, and ongoing vendor assurance.
• Develop, deliver and measure security awareness and training programmes to reduce human risk and strengthen security culture.
• Maintain regulatory and standards compliance: prepare for and manage internal and external audits, produce attestation documentation (e.g., PCI AOC), and submit required regulatory returns.
• Own business continuity planning and crisis management: conduct business impact analyses, develop and test continuity and recovery plans, lead tabletop and live exercises, and validate recovery time/objectives.
• Produce executive-level reporting and KPIs/KRIs for board and senior management: risk posture, incident metrics, compliance status, programme maturity and remediation progress.
• Manage, mentor and develop the information security and continuity team; define roles, responsibilities and training plans.
• Keep abreast of emerging threats, regulatory changes and industry best practices; recommend investments and capability improvements.

Requirements:

Qualifications

• Bachelor’s degree in computer science, Informat

Skills

Security, Penetration Testing, Compliance
