- Provide direction on information security across the central IT division, and enterprise-wide. - Oversee and coordinate all aspects of alignment of Information Security Management System (ISMS) with ISO 27001, GDPR and SOC reporting.- Lead programs and processes to monitor the emergence of new threats and vulnerabilities, assessing impacts and driving responses as appropriate. - Ensure that clear and timely business advice is provided to executive management on key information security and assurance issues. - Establish an information security and risk management functional capability and framework across the organization. - Ensure that information security and risk is adequately represented on relevant business and governance forums and is known, well-integrated, and addressed across the enterprise. - Create, manage, deliver to the staff, and review effective information security awareness training. - Ensure that all IT and information security programs are in compliance with applicable laws, regulations, and policies. - Collaborate with application owners to understand and address (as appropriate) the risk position around key business applications, to build the Business continuity Plan and Disaster Recovery Plan

- Introduce new technologies and trends that serve in enforcing Saradar Bank as a leader in digital banking- Manage the IT enterprise team and services (Systems, network and collaboration)- Manage the IT core banking administration and deployment team and services - Partake in the design and implementation of new branches and concept locations(Cafe branch, co-working space and training academy)- Plan and supervise the IT budget and spendings- IT procurement and vendor management- Implement and manage hybrid cloud environments - Plan and assist with the migration from traditional desktops to virtual desktop technology - Plan and assist with the launching of a new core banking system T24- Implement ITIL processes: request fulfillment, change management, knowledge management, continuity management, and incident and problem management - Implementation of new telephony and call center platforms - Plan and partake in branch network development (new branches, branches renovations and training center)

- Prepare and perform internal audit projects (Operational, financial, compliance, information system and information security) - Prepare and conduct risk management workshops for company executives - Prepare and conduct presentations for the Audit and Risk Committee on audit, risk, internal controls and information security topics - Oversee and partake in the implementation of Azadea’s information security program, including but not limited to: o IT risk assessments o Vulnerability assessments o Penetration tests o Information security awareness sessions o Information security policies and procedures development

- Information security programs development and implementation for financial institutions - Information security awareness sessions development and implementation - Compliance audits with BCCL circulars n: 222, 272 and ISO 27001 - Information system risk assessments based on international standards (e.g. ISO 27005, NIST SP800-30)- Core banking systems security assessments - Physical security assessments for server rooms - Internal & external penetration tests - Web and mobile application penetration tests - Development of security policies & procedures development - Information system security assessment

- IT Consulting Services- Information Technology General Controls Audits- Information System Security Audits- Best Practices and Standards Compliance- Internal & External Penetration Tests- Web and Mobile Application Penetration Tests- Security Awareness Programs & Workshops- Development of Security Policies & Procedures- Information System Security Assessment