Senior Security Engineer

Responsibilities

1. Develop and oversee the information security strategy of Dubai Entity.

2. Ensure compliance with relevant cybersecurity regulations and standards.

3. Implement measures to protect IT systems and data from cyber threats.

4. Conduct regular security assessments and audits.

5. Develop and maintain an incident response plan for cybersecurity breaches.

6. Provide regular training and awareness programs on information security.

7. Assess and manage cybersecurity risks associated with vendors and third-party

service providers.

8. Ensure compliance with data protection laws and regulations.

9. Develop and implement data protection policies and procedures.

10. Oversee the processing of personal data to ensure compliance with relevant laws.

11. Ensure data subjects can exercise their rights under data protection laws.

12. Develop and implement a data breach response plan.

13. Notify regulatory authorities and affected individuals in the event of a data breach.

14. Provide regular training on data protection for employees.

15. Other Adhoc tasks assigned by Group CTO.

Requirements

1. 5 to 8 years experience in a similar role in a large international organisation (within

the financial services sector, fintech or blockchain related industry would be deemed

an advantage).

2. Strong knowledge and understanding of information security, data protection and

privacy practices and policies, including information security and privacy

frameworks, standards, best practices and information security and data protection

regulations, especially in Dubai.

3. Experience in implementing a secure development lifecycle and working with

Privileged Access Management

4. Ability to identify areas for improvement and recommending how to improve them.

5. Ability to drive and integrate complex, multi-functional, cross-organizational

initiatives.

6. The ability to interact with Informa colleagues, build good relationships at all levels

and across all business units and organisations, and the ability to influence

stakeholders of all levels.

7. Ability to work with others effectively, with 3rd parties, internal teams, and

international business units, promoting knowledge sharing within and across teams.

8. Demonstrable experience of managing and motivating cross-functional,

interdisciplinary teams to achieve tactical and strategic goals in a matrixed

organisational structure.

9. Highly self-motivated and directed, with keen attention to detail.

10. A good understanding of security frameworks including ISO27001 / NIST / CIS /

COSO / RMF / PCI DSS / HIPAA, etc.

11. Interest in blockchain and digital assets, and willingness to work with other teams in a

highly collaborative start-up fintech environment.

12. Well organised, detail oriented, presentable and with excellent communication skills

(both verbal and written) in English (Proficency in Mandarin would be deemed an

advantage).

13. Problem solving, time management, analytical, and investigative skills.

14. Professional qualifications pertinent to the sector (i.e. International Association of

Privacy Professionals (IAPP) Certification(s) – e.g. CIPP/Asia, CIPM, CIPT, FIP will

be highly preferred).

15. Be open to performing other responsibilities associated with the position.