CISO - Head of Security

Posted 14 September 2023
Salary 60-80K AED p/m and benefits
LocationDubai
Job type Permanent
DisciplineInfoSec & Cybersecurity
Contact NameBrett Lockett

Job description

​A leading technology company, who are expanding across UAE, are looking for a CISO / Head of Security to drive their cyber security strategy across the Middle East.

You will be responsible for establishing and maintaining a company wide information security management program to ensure that information assets are protected.

This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the enterprise risk management.

Responsibilities:

  • Develop, implement and monitor a strategic, comprehensive enterprise information security and support risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.

  • Develop, maintain and publish up-to-date information security policies, standards

  • Liaise with the technology teams to ensure alignment between the security and enterprise IT application’s architecture and coordinate the strategic planning implicit in these architectures.

  • Create and manage information security and cyber risk management awareness training programs for all employees, contractors and approved users.

  • Develop metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.

  • Provide regular reporting on the current status of the information security program and IT controls to enterprise risk teams, senior business leaders.

  • Provide Third-party risk assessments for various IT vendors and Products, and issue security schedules.

  • Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.

  • Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.

  • Provide strategic cyber risk guidance for technology projects, including the evaluation and recommendation of technical controls.

  • Liaise among the information security team and corporate compliance, audit, legal teams

  • Manage security incidents and events to protect corporate technology assets, including intellectual property, regulated data and the company's reputation.

  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.

Skills / Experience Required:

  • A minimum of 12 years of professional IT Risk and Security related experience

  • Expertise and experience in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organization, cascade, and plan

  • Cloud security experience – Azure security certifications is an added advantage.

  • SOC/Security Incident Management experience – CISM/Similar certification is an added advantage.

  • Network security experience – Firewalls, IPS log analysis

  • Data Security experience – AIP, CASB, DLP, Intune etc

  • Preventive/Detective security tools – SIEM, xDR, EDR etc

  • Experienced in handling internal and external audits and IT General Controls

Please apply today to be considered for this role.