Full-Time Manager – Information Security & Risk
VAM Systems is currently looking for Manager – Information Security & Risk for our UAE operations with the following skillsets & terms and conditions:
Skill Set required:
• 10+ years of IT experience including 5 years in Information Security preferably within Airline industry.
• Working experience in managing Internet and network security products and platforms, applications and infrastructure security assurance as well as security incidents and operations.
• Advanced knowledge in information security principles and practices, including security risk assessment standards, risk assessment methodologies, vulnerability assessment and security frameworks.
• Possesses experience in data protection and management, including regulatory aspects.
• Holistic IT knowledge of heterogeneous technology environments.
• Advanced knowledge in attack vectors, threat trends, mitigation strategies, intrusion analysis and incident response.
• Experienced in developing, departmental policies, procedures, standards and guidelines.
• Proven skills in analyzing data, identifying pitfalls and recommending cost-effective solutions.
• Effective persuasive, negotiation, problem solving and decision making skills.
• Employs technical and interpersonal skills to execute new initiatives and achieve company’s objectives.
• Demonstrates the ability to contribute and successfully deliver against business strategy and set KPIs.
• Bachelor degree in Computer Engineering/ Computer Science/ Information Technology or equivalent.
• Certification relevant to Information Technology/ IT Security/ Audit/ Governance e.g. CISA, CISM, CISSP, CGEIT.
Fluent in English Language.
1. Develops, manages, and communicates the Corporate Information Security Framework that includes policies, standards and processes based on international standards (eg.ISO27001) as well as legal and regulatory requirements (e.g. PCI DSS, GDPR) ensuring its policies and procedures are adopted and adhered to.
2. Develops an overall information security and compliance strategy, and recommends appropriate controls and tools ensuring all are in line with company’s objectives, set measures and information control requirements.
3. Monitors environmental and market trends and pro-actively assesses impact to business strategies and advises necessary security controls in collaboration with experts in other functions e.g. legal, technical support, architecture.
4. Defines and implements a risk management framework for company to ensure that IT security and risks are managed to acceptable levels and in compliance with relevant regulations.
5. Co-ordinates periodic vulnerability assessments and penetration tests on IT environment to monitor performance, identify risks and threats, and manage solutions as required for the effective protection of information assets and/or regulatory compliance.
6. Ensures there is sufficient visibility at the appropriate management level for every risk – its impact, and cost of mitigation.
7. Conducts investigations on permission violations and defines org-level policies on the access rights.
8. Co-ordinates effective implementation of data protection program aligned to applicable regulatory regimes (e.g. GDPR). This includes records of processing, associated policies and procedures, and reporting and engaging with supervisory authorities whenever needed.
9. Directs and guides internal teams and/ or external providers to ensure that all information assets are well protected. Reviews, actions any exception to policies and standards based on impact and takes ownership for all Information security initiatives.
10. Keeps abreast with market trends and latest products related to information security and maintains a broad understanding of the environment, to source services from the external market.
11. Develops, manages, maintains, and regularly tests security incident-response-plan that ensures all incidents are reported, documented, resolved and recovered.
12. Handles any additional duties as directed by the Head of Department/CEO.
Terms and conditions:
Joining time frame: (15 – 30 days)
The selected candidates shall be a direct employee of one of the leading Organizations in UAE.
Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at firstname.lastname@example.org
30 total views, 2 today