​A leading technology company, who are expanding across UAE, are looking for a CISO / Head of Security to drive their cyber security strategy across the Middle East.

You will be responsible for establishing and maintaining a company wide information security management program to ensure that information assets are protected.

This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the enterprise risk management.

Responsibilities:

• Develop, implement and monitor a strategic, comprehensive enterprise information security and support risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.

• Develop, maintain and publish up-to-date information security policies, standards

• Liaise with the technology teams to ensure alignment between the security and enterprise IT application’s architecture and coordinate the strategic planning implicit in these architectures.

• Create and manage information security and cyber risk management awareness training programs for all employees, contractors and approved users.

• Develop metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.

• Provide regular reporting on the current status of the information security program and IT controls to enterprise risk teams, senior business leaders.

• Provide Third-party risk assessments for various IT vendors and Products, and issue security schedules.

• Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.

• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.

• Provide strategic cyber risk guidance for technology projects, including the evaluation and recommendation of technical controls.

• Liaise among the information security team and corporate compliance, audit, legal teams

• Manage security incidents and events to protect corporate technology assets, including intellectual property, regulated data and the company's reputation.

• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
  
  

Skills / Experience Required:

• A minimum of 12 years of professional IT Risk and Security related experience

• Expertise and experience in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organization, cascade, and plan

• Cloud security experience – Azure security certifications is an added advantage.

• SOC/Security Incident Management experience – CISM/Similar certification is an added advantage.

• Network security experience – Firewalls, IPS log analysis

• Data Security experience – AIP, CASB, DLP, Intune etc

• Preventive/Detective security tools – SIEM, xDR, EDR etc

• Experienced in handling internal and external audits and IT General Controls

Please apply today to be considered for this role.