Information Security & Data Protection Officer (Kuwaiti Nationals)

Job Purpose

To assist in strengthening the Bank’s cybersecurity and data protection posture by supporting policy development, risk assessments, compliance activities, and ongoing security governance in alignment with regulatory and Group requirements.

Key Responsibilities:

• Support the development and maintenance of information security & data privacy policies, frameworks, and procedures.
• Monitor compliance with cybersecurity, data protection, and regulatory requirements.
• Prepare reports, insights, and presentations for senior management and committees.
• Contribute to risk assessments, RCSA activities, and maintaining risk registers.
• Coordinate internal/external audits and support closure of security and privacy findings.
• Maintain data classification inventories and assist with Privacy Impact Assessments.
• Support security awareness and training initiatives across the Bank.
• Collaborate with IT, legal, and business teams to ensure alignment with security standards.
• Assist in evaluating security technologies, including cost analysis (TCO, ROI).
• Contribute to security-related project planning and governance.

Qualifications:

• 0–3 years of experience in Information & Cyber Security or IT GRC.
• Bachelor’s degree in Information/Cyber Security.
• Professional certifications (Security+, CCNA Security, etc.) are preferred.
• Strong communication skills in English and Arabic.