Job Purpose
The Head of Information Security is a keyrole responsible for steering the governance, architecture, and strategic direction of information security within the organization. This position focuses on overseeing security operations, refining security architecture, and crafting a forward-looking security strategy that aligns with business objectives. The successful candidate will provide leadership in managing security risks, compliance, and ensuring the seamless integration of security practices across all IT operations.
The position is for
UAE Nationals.
Roles And Responsibilities
- Security Governance: Establish and maintain robust governance frameworks to ensure effective management and oversight of outsourced security operations and internal compliance with these frameworks.
- Security Architecture: Develop and oversee a cohesive security architecture that supports and integrates with the organization’s technology landscape, ensuring that all security solutions are scalable, sustainable, and aligned with business needs.
- Strategic Planning: Lead the strategic planning of the information security function, identifying emerging security threats and technologies, and aligning the security strategy with the overall business strategy.
- Outsourced Security Management: Manage and evaluate outsourced security service providers, ensuring they meet or exceed agreed service levels and contribute effectively to the security posture of the organization.
- Risk Management: Continuously assess and manage the security risks associated with information assets and IT processes, implementing appropriate risk mitigation strategies and policies.
- Incident Management: Lead the development and implementation of an incident management process that promptly addresses and resolves security incidents and breaches, minimizing impact on the organization.
- Compliance and Auditing: Ensure compliance with international and local regulatory requirements related to information security. Regularly review and audit the security practices and policies for effectiveness and adherence to standards such as ISO 27001, GDPR, etc.
- Stakeholder Engagement: Act as the primary point of contact for all information security matters within the organization, ensuring clear communication with stakeholders at all levels regarding security strategies and initiatives.
- Team Leadership: Provide strategic leadership for the information security team, fostering professional development, and ensuring that the team is motivated and equipped to meet their objectives.
Related Years Of Experience
Minimum of 12+ years of experience in a cybersecurity role focusing on security governance, architecture, and strategy. Extensive experience with outsourcing models and managing third-party service providers.
YOE IN MANAGERIAL POSITION
Min of: 4+ years of managerial experience in a related field
Field Of Experience
Large multinationals, Commercial industries, Real Estate
Technical And Interpersonal Skills
- In-depth knowledge of security architectures and models, with a strong understanding of emerging security technologies and threats.
- Strong analytical and strategic thinking skills.
- Excellent leadership and team management abilities.
- Robust communication and negotiation skills, capable of effectively engaging and influencing senior executives and external partners.
- Demonstrated ability to manage and prioritize tasks and projects.
- Professional security management certification, such as CISSP, CISM, or similar, is mandatory.
QUALIFICATION
Master’s degree in Computer Science, Information Security or a related field.
