Responsibilities
1. Develop and oversee the information security strategy of Dubai Entity.
2. Ensure compliance with relevant cybersecurity regulations and standards.
3. Implement measures to protect IT systems and data from cyber threats.
4. Conduct regular security assessments and audits.
5. Develop and maintain an incident response plan for cybersecurity breaches.
6. Provide regular training and awareness programs on information security.
7. Assess and manage cybersecurity risks associated with vendors and third-party
service providers.
8. Ensure compliance with data protection laws and regulations.
9. Develop and implement data protection policies and procedures.
10. Oversee the processing of personal data to ensure compliance with relevant laws.
11. Ensure data subjects can exercise their rights under data protection laws.
12. Develop and implement a data breach response plan.
13. Notify regulatory authorities and affected individuals in the event of a data breach.
14. Provide regular training on data protection for employees.
15. Other Adhoc tasks assigned by Group CTO.
Requirements
1. 5 to 8 years experience in a similar role in a large international organisation (within
the financial services sector, fintech or blockchain related industry would be deemed
an advantage).
2. Strong knowledge and understanding of information security, data protection and
privacy practices and policies, including information security and privacy
frameworks, standards, best practices and information security and data protection
regulations, especially in Dubai.
3. Experience in implementing a secure development lifecycle and working with
Privileged Access Management
4. Ability to identify areas for improvement and recommending how to improve them.
5. Ability to drive and integrate complex, multi-functional, cross-organizational
initiatives.
6. The ability to interact with Informa colleagues, build good relationships at all levels
and across all business units and organisations, and the ability to influence
stakeholders of all levels.
7. Ability to work with others effectively, with 3rd parties, internal teams, and
international business units, promoting knowledge sharing within and across teams.
8. Demonstrable experience of managing and motivating cross-functional,
interdisciplinary teams to achieve tactical and strategic goals in a matrixed
organisational structure.
9. Highly self-motivated and directed, with keen attention to detail.
10. A good understanding of security frameworks including ISO27001 / NIST / CIS /
COSO / RMF / PCI DSS / HIPAA, etc.
11. Interest in blockchain and digital assets, and willingness to work with other teams in a
highly collaborative start-up fintech environment.
12. Well organised, detail oriented, presentable and with excellent communication skills
(both verbal and written) in English (Proficency in Mandarin would be deemed an
advantage).
13. Problem solving, time management, analytical, and investigative skills.
14. Professional qualifications pertinent to the sector (i.e. International Association of
Privacy Professionals (IAPP) Certification(s) – e.g. CIPP/Asia, CIPM, CIPT, FIP will
be highly preferred).
15. Be open to performing other responsibilities associated with the position.
