Cyber Security Governance Specialist
Full-time
Description
Responsibilities:
- Develop and maintain policies and procedures for effective management of information security risks.
- Implement an information security governance framework that aligns with industry standards and best practices.
- Conduct regular risk assessments to identify potential threats and vulnerabilities to the organization’s information assets.
- Manage information security risks by developing and implementing risk treatment plans to reduce the likelihood and impact of identified risks.
- Monitor compliance with information security policies, procedures, and standards.
- Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been implemented.
- Perform a Network Architecture Review periodically, at least once every 6 months.
- Perform assessments of IT General Controls for critical applications.
- Establish and implement a cyber security awareness program.
- Provide education and training to employees and stakeholders to increase awareness and understanding of information security risks.
- Design, implement, and maintain the access control system for an organization’s data, systems, applications and network.
- Monitor user account compliance with corporate policy on a monthly basis for all enterprise applications, and ensure removal of dormant accounts and accounts of separated users.
- Authorize users who require access to specific resources, information or systems.
- Liaise with the SOC team to periodically review user activities and access logs to identify unauthorized access or unusual activity.
- Ensure compliance with regard to security tools and technologies such as Patch, AV/EDR, DLP, etc.
Skills:
- Strong knowledge of ISO 27001, ISO 31000, UAE IA standards and frameworks
- Excellent presentation and communication skills
- Experience in managing cyber risk programs and assessments
- Experience in managing information and cyber security awareness programs
- Experience in working with cyber security policies, standards and guidelines
Education & Qualifications
- Bachelor’s degree in Information / Cyber Security, Information Technology, Computers or associated fields of engineering
- Certifications: CISM, CRISC, ISO 27001 Lead Auditor / Implementer
Job Type: Full-time
Salary: From AED15,000.00 per month
Ability to commute/relocate:
- Abu Dhabi: Reliably commute or planning to relocate before starting work (Required)