Please send your CVs to rizvinazish@gmail.com
Last date to apply: 18th March 2014
JOB TITLE: Senior Manager - Information Security and Risk
REPORTING TO: Head of Information Security and Risk
JOB PURPOSE:
To be responsible for ORGANIZATION Information Security Office operations including maintenance and continual improvement of ORGANIZATION Information Security Management System (ISMS), provide information security guidance, proactively assess and resolve information security risks in compliance with the UAE Federal Government and Dubai Government information security regulatory requirements and ISO 27001 standards.
RESPONSIBILITIES:
Analyse and evaluate high level security requirements in view of ORGANIZATION and customer information security policies and make recommendations for improvement.
Conduct risk assessment and high level security gap analysis to gauge information security outlook of ORGANIZATION customers and deal with information security affairs during day-to-day activities to highlight trends and address concerns to meet customer requirements and ensure business continuity.
Advise and recommend information security enhancements, product upgrades and tools across multiple platforms to ensure minimal security exposures.
Act as a change agent for an effective security culture in the organization and review, evaluate and recommend changes in ORGANIZATION information security policies to ensure compliance with Dubai Government's Information Security Regulation (ISR), corporate ISO 27001 and other UAE Federal Government regulatory compliance.
Assist product development teams to ensure conformance to ORGANIZATION information security requirements and propose cost effective security controls for ORGANIZATION business environment.
Assist in the development of ORGANIZATION managed security services portfolio and optimal solutions by applying knowledge and expertise of functionality of security software/tools in the business environment.
Understand, review and propose changes in ORGANIZATION security architecture based on business requirements and IT strategies and rectify gaps within the current state to ensure compliance to ORGANIZATION security architecture.
Provide consultation and recommendations on application and infrastructure development projects to meet the security requirements in line with ORGANIZATION ISMS.
Facilitate all information security related audits including scope of audits, business units involved, timelines, maintain relationships with audit entities and ensure a consistent audit perspective.
Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
Understand and comprehend information security fundamentals related to confidentiality, integrity and availability of information in ORGANIZATION.
Define performance goals at the start of the year, identify training and development requirements for self and strive to achieve the highest levels of proficiency on all competencies and skills required to perform the role.
Lead and direct the management of change through continuous improvement of departmental systems, processes and practices taking into account 'international best practice', changes in international standards and changes in the business environment which demand proactive action plans.
Direct the compliance of Information Security policies, procedures and controls within the context of the Department. Act in accordance with and strictly abide by the company Information Security policies, procedures and controls specifically related to sharing of information.
Act in accordance with the company's IT Code of Conduct and escalate any instances of violation in a timely manner to guarantee the safeguarding of company information and a responsible environment attitude.
Support the development of the company's policies, abide by them, and function within the delegation of authority and boundaries of the organizational governance frameworks.
PERSON REQUIREMENTS:
Bachelor degree in Computer Science, Information Systems management or a related field
Professional certifications in information security such as CISSP/GIAC/SSCP/CISA/ISO 27001/COBIT and suitable technology certifications
Minimum 8 years of experience in managing security, policy and risk management.
Experience in establishing and maintaining ISO 27001 standards/ISMS
Knowledge of Security Information and Event Management (SIEM) systems
Knowledge and understanding of latest security technologies (network, application, storage, endpoint, cloud and anti-malware), trends, threats and practices
Ability to establish security policies, procedures, controls and framework in line with business needs and audit requirements
Strong organizational and negotiation skills with the ability to influence
Strong interpersonal skills and presentation abilities
Demonstrated ability to work under pressure
Ability to prioritize to ensure positive results of the assigned opportunities
Written and spoken English is essential, Arabic is preferred.