Responsibilities:

• Develop and maintain policies and procedures for effective management of information security risks.
• Implement an information security governance framework that aligns with industry standards and best practices.
• Conduct regular risk assessments to identify potential threats and vulnerabilities to the organization’s information assets.
• Manage information security risks by developing and implementing risk treatment plans to reduce the likelihood and impact of identified risks.
• Monitor compliance with information security policies, procedures, and standards.
• Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been implemented.
• Perform Network Architecture Review periodically at least once every 6 months.
• Perform assessment on IT General Controls for critical applications.
• Establish and implement cyber security awareness program.
• Provide education and training to employees and stakeholders to increase awareness and understanding of information security risks.
• Design, implement, and maintain the access control system for an organization’s data, systems, applications and network.
• Monitor compliance on monthly basis for user accounts as per corporate policy for all enterprise applications and ensure removal of dormant accounts, accounts of separated users.
• Authorize users who require access to specific resources, information or systems.
• Liaise with SOC team to review user activities and access logs to identify unauthorized access or unusual activity periodically.
• Ensure compliance with regards to security tools and technologies such as Patch, AV/EDR, DLP, etc.

Skills:

• Strong knowledge of ISO 27001, ISO 31000, UAE IA standards and frameworks
• Excellent presentation skills and communication skills
• Experience in managing cyber risk programs and assessments
• Experience in managing information and cyber security awareness programs
• Experience in working with cyber security policies, standards and guidelines

Education & Qualifications

• Bachelor’s degree in Information / Cyber Security, Information Technology, Computers or associated fields of engineering
• Certifications: CISM, CRISC, ISO 27001 Lead Auditor / Implementer

Job Type: Full-time

Salary: From AED15,000.00 per month

Ability to commute/relocate:

• Abu Dhabi: Reliably commute or planning to relocate before starting work (Required)