UAE
--
Company

Job Details

        Bachelor's degree in Information Security, Information Management Systems, Information Technology, Cybersecurity, or any related discipline.

        Master's degree in Information Management Systems, Information Technology, Cybersecurity (preferred).

        Professional certifications such as Project Management Professional (PMP), CISSP, CISM, CCSP/CCSK; are advantageous.

        Certified ISO 27001 lead implementer or lead auditor.

        Training or certification in security monitoring tools such as SIEM.

        A minimum of 11 years of experience in information security, with 5 years leading operations/support or SOC/IAM/vulnerability functions.

        Extensive experience in conducting risk assessments, developing risk mitigation strategies, and managing incident response for security breaches and attacks.

        Extensive experience in leading the implementation and management of access controls and authorizations for various systems and databases to ensure compliance with organizational security policies.

        Experience ensuring compliance with these standards and regulations in all operations and third-party engagements.

        Robust experience in managing all aspects of information security incidents, including identification, analysis, containment, eradication, and recovery.

        Proven competence in overseeing testing and compliance checks on applications and systems developed by third-party vendors.

        Strong background in developing and implementing disaster recovery plans that address potential risks and ensure continuity of operations in the event of security breaches or disasters.

   Proven track record of effectively managing an information security operations center (SOC), cyber threat intelligence or similar environments that monitor and protect organizational IT infrastructure.

Key Skills & Capabilities:

        Capable of advanced implementation of information security policies and procedures to monitor operations and ensure compliance with standards and regulations.

        Advanced in classifying information into various asset groups, maintaining systems, and sharing information with stakeholders.

        Advanced in understanding and applying risk management methodologies, including assessing risks, evaluating vulnerabilities and threats, and following up on risk treatments.

        Advanced in responding to security incidents by following established protocols and effectively managing stakeholder interactions.

        Advanced in developing access control matrices and conducting thorough access reviews of information systems, identifying and addressing deviations.

        Proficient in developing secure operational policies and ensuring effective implementation of change controls, backups, and patch management.

        Proficient in applying secure software development Life Cycle (S-SDLC) practices, advising on application security, and conducting architecture reviews.

        Proficient in conducting vulnerability and penetration tests, monitoring threats, and addressing continuity issues with relevant business departments.

        Advanced in auditing information security standards and processes, capable of conducting compliance checks and developing continual improvement plans.

        Advanced in understanding the requirements for information security assurance and performance assessments for standards like ISO 27001 and ISR.

        Advanced in developing and delivering information security training and awareness programs, researching new topics, and evaluating training outcomes.

        Proficient in understanding cloud security regulations, ensuring compliance, and conducting governance and risk assessments.

        Ability to develop and execute long-term security strategies that align with organizational goals.

        Capability to manage a diverse team to achieve excellent results in information security.

        Strong analytical capabilities for troubleshooting, problem-solving, and decision-making within operational settings.

        Skill in using analytics to monitor system performance and to derive actionable insights from data.

        Profound knowledge of cybersecurity principles, practices, and technologies including firewall management, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.

Similar Jobs