Cyber Security Governance Manager - Operational Technology

Join ENOC as a Cyber Security Governance Manager, leading governance and compliance efforts to safeguard critical infrastructure and information assets in an OT environment. Collaborate with internal teams and external stakeholders to align cybersecurity strategies with business goals and regulatory standards.

Key Responsibilities:

Compliance Management and Audit Support

• Monitor and ensure compliance with UAE cybersecurity regulations, such as ISR and UAE Information Assurance Standards.
• Support audits and regulatory assessments, including preparing documentation and tracking remediation.
• Collaborate with legal and audit teams to address cybersecurity-related compliance issues effectively.

Policy & Standards Development and Maintenance

• Develop, update, and enforce cybersecurity policies, standards, and guidelines.
• Ensure policies align with industry standards like ISO 27001 and NIST frameworks.
• Facilitate organization-wide acceptance and adherence to cybersecurity policies.

Supplier Security Assessment

• Conduct thorough security assessments of third-party vendors and suppliers to ensure compliance with ENOC’s security standards.
• Work closely with procurement and legal teams to embed cybersecurity requirements into contracts.

Projects Delivery Security Support

• Provide expert guidance on cybersecurity controls during project planning and execution phases.
• Collaborate with IT and business units to integrate security measures into new initiatives.
• Conduct risk assessments for projects to ensure alignment with ENOC’s security objectives.

Cyber Awareness and Training Support

• Lead the design and delivery of cybersecurity awareness campaigns and training programs.
• Develop engaging materials and sessions to educate employees on best practices and compliance requirements.
• Ensure awareness programs meet regulatory standards and drive long-term behavioral change.

Cyber Risk and Controls Assessment and Management

• Manage risk assessment processes for information assets, applications, and third-party systems.
• Track risk trends, identify vulnerabilities, and recommend mitigation strategies.
• Benchmark cybersecurity risk management practices with industry peers to maintain best-in-class standards.

Cyber Reporting to Management

• Develop and maintain comprehensive reports on risks, vulnerabilities, and compliance metrics.
• Present actionable insights and updates to senior management and relevant stakeholders.
• Track the effectiveness of cybersecurity measures and recommend enhancements.

Requirements:

• 7+ years in IT, including 5 years in cybersecurity and 2 years in a supervisory role.
• Expertise in cybersecurity frameworks (ISO 27001, NIST, TOGAF) and UAE-specific regulations.
• Strong interpersonal, project management, and communication skills to engage diverse stakeholders.
• Certifications such as CISSP, CISM, CISA, CRISC, DESC Cyber Bootcamp, ISO 27001 Lead Auditor, or equivalent preferred.
• Bachelor's degree in Computer Science; MBA or MS in Information Security is a plus.