Overview
About Presight
Presight, an ADX-listed public company limited by shares whose majority shareholder is Abu Dhabi company G42, is the region’s leading big data analytics company powered by Artificial Intelligence (“AI”). It combines big data, analytics, and AI expertise to serve every sector, of every scale, to create business and positive societal impact. With its world-class computer vision, AI and omni-analytics platform as its engine, Presight leverages all-source data to support insight-driven decision making that shapes policy and creates safer, healthier, happier, and more sustainable societies.
Overview:
The main purpose of the role is to manage the design, development, management and implementation of secure systems and processes. Responsibilities will include, but not be limited to, performing reviews, assessments and audits, conducting research, and facilitating communication to internal and external stakeholders where necessary. The position will monitor, coordinate, and implement policies, standards, procedures, controls, and guidelines to support security, compliance, Risk Management and audit requirements.
Responsibilities
Key Responsibilities:
- Act as a point of contact within the organization for members of staff, regulators, and any relevant public bodies on issues related to information security.
- Ensure the company’s procedures are in line with applicable local and international Data Protection Regulations and codes of practice.
- Coach other members of the organisation on the best practices that should be followed.
- Evaluate the existing data protection framework and identify areas of non or partial compliance and rectify any issues
- Devise training plans and provide data protection advice and support for members of staff
- Inform and advise business partners on all matters related to data protection
- Promote a culture of security awareness and data protection compliance across all units of the organization
- Provide expert advice and educate employees on important information security and data compliance requirements
- Draft new and amend existing policies, guidelines, and procedures, in consultation with key stakeholders
- Implement and manage the procedures and required regulatory controls
- Implement and manage IT Governance Controls,. Including but not limited to Risk Management
- Implement and manage IT Risk Management Controls, including the Development of comprehensive Information Security Risk Management Program.
- Hold training with staff members across different business units who are involved in data handling or processing as well as training related to Security Awareness.
- Proactively conduct IT compliance checks to ensure adherence and address potential issues
- Maintain records of all data processing activities carried out by the company
- Engage with business and project teams to advise on privacy controls (including the completion of data privacy impact assessments) and mitigation of risks
- Coordinate our response to data subject rights requests, if required
- Conduct root cause analysis of personal data breaches and identify remedial actions where required
- Report key risks and mitigating controls as well as the quality of compliance programs to senior management regularly and obtain resulting feedback
Qualifications
Qualifications:
To qualify, you must have:
- Bachelors or Master’s degree in IT, Information Security, Computer science or related field.
- Minimum of 10 years of experience working in Information security and data protection operations and compliance and the last years in a leading role.
- Privacy-related qualifications/certification, e.g., International Association of Privacy Professionals (IAPP), GDPR, etc.
- Experience with privacy operations tools like Forcepoint , OneTrust and Data discovery solutions
- Experience with authentication standards and technologies such as multi-factor authentication, JSON Web Token (JWT) and single sign-on (SSO).
- Knowledge of identity and access management best practices, procedures, and software solutions such as SailPoint, Beyond trust PAM, Azure PIM and/or EPM, CyberArk, ForgeRock, Okta or Ping Identity.
- Proficient in Microsoft Office Suite or related writing and presentation software
- Expertise in local and international data protection and information security laws and practices, including an in-depth understanding of Abu Dhabi Global Market Data Protection Regulation, EU’s General Data Protection Regulation etc.
- Experience with the implementation of data privacy standards like GDPR in a complex organizational environment
- Experience with the management and coordination of IT Risk
- Experience with the coordination and management of IT Audits
- Strong project management skills
- Ability to work well under pressure and manage sensitive and confidential information
- Excellent verbal and written communication skills, with strong attention to detail