DISCOVER OUR EXPERTISE
A leading technology company, who are expanding across UAE, are looking for a CISO / Head of Security to drive their cyber security strategy across the Middle East.
You will be responsible for establishing and maintaining a company wide information security management program to ensure that information assets are protected.
This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the enterprise risk management.
Develop, implement and monitor a strategic, comprehensive enterprise information security and support risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Develop, maintain and publish up-to-date information security policies, standards
Liaise with the technology teams to ensure alignment between the security and enterprise IT application’s architecture and coordinate the strategic planning implicit in these architectures.
Create and manage information security and cyber risk management awareness training programs for all employees, contractors and approved users.
Develop metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
Provide regular reporting on the current status of the information security program and IT controls to enterprise risk teams, senior business leaders.
Provide Third-party risk assessments for various IT vendors and Products, and issue security schedules.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
Provide strategic cyber risk guidance for technology projects, including the evaluation and recommendation of technical controls.
Liaise among the information security team and corporate compliance, audit, legal teams
Manage security incidents and events to protect corporate technology assets, including intellectual property, regulated data and the company's reputation.
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
Skills / Experience Required:
A minimum of 12 years of professional IT Risk and Security related experience
Expertise and experience in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organization, cascade, and plan
Cloud security experience – Azure security certifications is an added advantage.
SOC/Security Incident Management experience – CISM/Similar certification is an added advantage.
Network security experience – Firewalls, IPS log analysis
Data Security experience – AIP, CASB, DLP, Intune etc
Preventive/Detective security tools – SIEM, xDR, EDR etc
Experienced in handling internal and external audits and IT General Controls
Please apply today to be considered for this role.