Company Overview:
Commercial Bank , Founded in 1975 and headquartered in Doha , plays a vital role in Qatar’s economic development through offering a range of personal, business, government, international and investment services.
At Commercial Bank of Qatar, we believe in empowering our employees, providing them with opportunities for growth and professional development.
By Joining us , you’ll be part of workplace culture that fosters innovation, supports work-life balance, and encourages you to reach your full potential.
Job Summary:
A cyber fraud lead serves as a pivotal figure in safeguarding organizations from the growing threat of digital fraud and cybercrimes. This role involves a comprehensive approach to proactively detecting, investigating, and mitigating cyber fraud activities by leveraging analytical tools, forensic techniques, cybersecurity protocols, and identifying vulnerabilities in systems and processes that could be exploited by cybercriminals.
Through continuous vigilance and a deep understanding of emerging digital fraud tactics, the cyber fraud lead helps prevent financial losses, reputational damage, and potential regulatory penalties, ensuring that both the organization and its customers are protected from evolving cyber threats.
Key Responsibilities:
- Create, implement, maintain and approve cyber fraud strategies, controls and rules to stop cyber/digital fraud techniques
- Collaborate with industry, schemes, law enforcement and CBQ internal fraud teams to understand existing and new techniques, analyze trends and uplift controls to combat new tactics
- Perform cybercrime threat intelligence and research to ensure analysis of existing threats and future threats that may arise with the introduction or advancement of new technologies , digital strategies and processes.
- Use cyber fraud data analytics to drive cyber fraud control strategies working closely with CBQ data analytics teams
- Monitor the dark web for any indications of cyber fraud attacks (ie: Phishing, Social engineering) against CBQ or its customers and monitor for any data such as customer card or account login details for sale on the dark web.
- Takedown phishing websites targeting our brand and phone numbers used in social engineering
- Manage cyber fraud key risk indicators (KRIs)
- Perform cyber fraud threat modeling and testing to identify potential weaknesses in CBQ technology, business logic or processes which might be used to aid cyber fraud
- Analyze fraud cases that use cyber/digital techniques and uplift controls to combat new tactics
Qualifications & Experiences:
- Bachelor's degree in information technology or equivalent.
- >10 years of relevant experience
- Relevant cybersecurity or cyber fraud certifications
- Relevant experience leading and influencing change in the cyber security or cyber fraud landscape
- Relevant experience collaborating with stakeholders across industry and within the organization to facilitate analysis, strategy and change
Technical skills and Knowledge:
- Familiarity with Payment Systems: Understanding of payment processing systems, including credit card networks, online payment gateways, and their vulnerabilities.
- Penetration testing and identifying vulnerabilities in payment processes that may lead to cyber fraud and crime
- Cyber Fraud detection tools
- Programing/Scripting
- Data Analysis
- Taking down phishing websites
- Use of cybersecurity tools and performing incident investigations
Analytical skills
- Pattern Recognition: The ability to spot trends and patterns in transaction data or user behavior that indicate fraudulent activity
- Critical Thinking: Strong decision-making skills to assess whether a flagged activity is truly fraudulent or a false positive.
- Incident Analysis: Analyzing fraud incidents to understand methods used, vulnerabilities exploited, and prevention strategies.
- Root Cause Analysis: Ability to perform root cause analysis on security incidents to prevent future occurrences.
Communication Skills
- Cross-Team and Industry Collaboration: Ability to work with other and departments, including IT, legal, and compliance teams, to address cyber fraud issues and strengthen defenses.
- Reporting and Documentation: Writing detailed reports on cyber fraud incidents, and risk analysis. Must be able to present findings clearly to non-technical stakeholders.