IT Security Officer - UAE National

1. Security Policy Development and Implementation
   Develop implement and maintain comprehensive information security policies procedures and guidelines.
   Ensure that security policies are aligned with business objectives and comply with regulatory requirements.
   
2. Risk Management
   Conduct regular risk assessments and vulnerability analyses.
   Identify potential threats and vulnerabilities and develop mitigation strategies.
   Implement and monitor security controls to manage and mitigate risks.
   
3. Incident Response
   Develop and maintain an incident response plan.
   Lead the response to security incidents and breachesincluding investigation containment and recovery efforts.
   Conduct postincident analyses and report findings to senior management.
   
4. Compliance and Auditing
   Ensure compliance with relevant regulations and standards(e.g. ISR DESC Standards ISO 22301 ISO/IEC 27001).
   Coordinate and oversee internal and external security audits.
   Prepare and submit necessary compliance reports.
   
5. Security Awareness and Training
   Develop and deliver security awareness training programs for employees.
   Promote a culture of security awareness within the organization.
   Ensure that staff are aware of security policies and procedures.
   
6. Monitoring and Reporting
   Implement and manage security monitoring tools to detect and respond to threats.
   Regularly review security logs and reports to identify and address security issues.
   Regularly review security VAPT Reports and make sure it is closed.
   
7. Provide regular reports on the status of the information security program to senior management.
   
8. Collaboration and Advisory
   Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization s operations.
   Serve as a key advisor to senior management on information security matters.
   
9. Collaborate with external partners and stakeholders to ensure a comprehensive security posture.
   
10. Ability to prioritize a wide range of workloads with critical deadlines.
    
11. Availability outside of working hours to resolve emergency issues promptly.
    

Requirements

1. 58 years of Information Security Governance Risk and Compliance experience
   
2. Bachelor s degree in information security or relevant degree
   
3. Relevant certifications such as CISSP CISM CEH ISO 27001 Lead Auditor ISO 23001 Lead Auditor or CISA are highly
   
4. Experience in implementing the ISR /DESC standards.