IT Security Officer

Job Purpose :

To establish and maintain a corporate-wide information cyber security management program and ensure that information assets are adequately protected.

Key Responsibilities :

• Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program;
• Work directly with the CTO and all IT functions to facilitate cyber security and risk assessment and its processes;
• Evaluate the IT threat landscape to reduce risk, leading auditing, and compliance initiatives,
• Assist in implementation of the IT Cyber Security strategies, policies, and procedures;
• Prepare the documentation for the IT Cyber Security reports and guidelines;
• Develop and enhance an information security management framework;
• Monitor, maintain and administrate the IT security devices (such as Firewalls, Cor Switches, Web filtering, Spam Filtering devices... etc.) in coordination with IT Infrastructure and Cloud Unit to ensure no threats impacting the operations of these devices.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, and services;
• Partner with business stakeholders across INDEX Holding group to raise the awareness of Cyber Security risk management concerns by conducting the required training and workshops;
• Assists with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
• Manage and maintain cyber security incident management and track accordingly;
• Review the audit reports and assist to tackle the security issues raised by the auditors.
• Conduct a periodic security check on all the relevant IT systems and services that are running in production.
• Conduct a periodic penetration testing to the relevant technologies that are running in production.
• Conduct a periodic vulnerability assessment to the relevant technologies that are running in production.
• Perform a periodic check of the backup restoration practice in INDEX holding to ensure the consistency of the backup data and integration;
• Assist in controlling IT related risk by advising management and functional units on all IT policies and procedures;
• Ensure the confidentiality and protection of corporate data, proprietary information, and intellectual property;
• Check the updates on the systems to ensure the patch management with the latest patches and upgrades on a regular basis;
• Assist in managing the crisis situations, involving complex technical hardware or software problems and ensure adequate provision for business continuity and disaster recovery;
• Ensuring that INDEX Holding is adaptable to evolving cyber security compliance regulations.
• Solicit, study, and evaluate all IT Projects Plans to ensure risk low effectiveness, in addition, identify and develop risk analysis and supervise risk management for the IT department;
• Undertake such other tasks as and when required by the Chief Technology Officer.
• Data access, security, and integration;
• Reduction in IT related risks, business continuity and disaster recovery plans;
• Coordinate with the department employees to provide the necessary IT Security adviser to the Group employees.

Qualifications and Experience Required :

• Degree in IT related discipline Computer Science or equivalent and additional professional technical training/certifications in System Administration;
• Master’s Degree on IT or equivalent is preferred;
• Certified Information Systems Security Professional CISSP, Certified Ethical Hacker CEH, Certified Information Security Manager CISM, and hands-on experience associated with risk management, Penetration Testing and Vulnerability Assessment, Certified Information Systems Auditor CISA is add-on;
• Minimum 7 years of IT experience in IT Cyber Security, IT Systems and Networking Evaluation;
• Demonstrate knowledge of security standards and their applications;
• Exposure with the latest technology and research background will be an added advantage;
• Excellent project management skills
• Excellent communication skills in English, both written and oral.
• Arabic language is an advantage;
• Excellent organizational and time management skills; and Excellent interpersonal skills.

Job Types: Full-time, Permanent

Application Question(s):

• What is your salary expectation in AED?
• Which certifications do you hold (CISSP, CEH, CISM, CISA)
• How many years of experience do you have in IT Security and Risk Management within the UAE?

Education:

• Bachelor's (Preferred)

Work Location: In person