Overview:
Lead the development, implementation and management of information security policies and procedures for Core42 in line with applicable information security standards & regulations and maintain a robust management framework for information security compliance across the organization.
Core42 is the UAE’s national-scale enabler for cloud and generative AI, combining G42 Group’s expertise across multiple technology disciplines into a single platform for public sector and large enterprise transformations. Building on our capabilities as sovereign cloud and HPC specialist, we bring generative AI, cybersecurity, professional and managed services expertise to enable national-scale program deployments across industries.
Responsibilities:
Day to Day Operations
- Identify best practices in information security policies, processes and standards and recommend their adoption, when applicable, across Core42.
- Ensure continuous engagement with information security regulators to keep up to date with the latest information security regulations.
- Update and maintain information security standards and make necessary modifications to existing information security management systems.
- Provide relevant security architecture services to different departments across the Injazat ecosystem.
- Develop strong information security operations and risk management policies to facilitate compliance with industry regulations.
- Enforce security policies to provide direction and support for protecting data and assets in accordance with Core42’s needs.
- Ensure the implementation of security audits and system vulnerability tests across Core42.
- Monitor and manage data security profiles by reviewing security violation reports and ensuring application of security policies and procedures.
- Inspect IT infrastructure installations (help desk, service maintenance, service management, network and communications, systems and database/data centre) to ensure adherence with Core42, as well as external, guidelines and standards.
- Coordinate with information security risk management to identify potential threats to business continuity due to non-compliance with policies and standards.
- Oversee the review of user access rules to balance security needs with ease of use in accordance with job related requirements and security policies & guidelines.
- Ensure information security audit systems and scheduled audits are applied to ensure compliance with standards and regulations.
- Review and analyze reports on compliance actions against information security regulations and policies.
- Oversee and analyze trainings conducted on compliance security policies across Core42.
- Ensure that the processes used in security control (preventative, detective, and corrective) are in full compliance with established security standards and policies.
- The candidate should have a good understanding of MS Azure cyber security controls and concepts.
- Understanding the basic concepts of cloud computing, including service models (IaaS, PaaS, SaaS), deployment models (public, private, hybrid), and cloud architecture principles. Understanding of cloud technologies with security best practices, access and identity, protecting data and applications, as a desired qualification.
- Azure Platform Knowledge: In-depth understanding of Azure services, features, and capabilities relevant to governance, compliance, and risk management.
- Risk Management Frameworks: Proficiency in risk management frameworks such as NIST RMF (Risk Management Framework), ISO 31000, and COSO, and their application in cloud environments.
- Security Controls and Best Practices: Knowledge of security controls, best practices, and methodologies for securing cloud infrastructure, data, and applications.
- Experience with the Cloud Security Alliance's Cloud Controls Matrix (CCM), development & governance and compliance framework as desired qualifications.
- Knowledge of cloud governance best practices, including resource tagging, cost management, compliance reporting, and resource optimization.
- Risk Assessment and Management: Ability to conduct risk assessments, identify security vulnerabilities, prioritize remediation efforts, and implement risk management strategies.
- Proficiency in documenting security configurations, generating compliance reports, and communicating security posture to stakeholders.
- Continuous Learning and Adaptation: Given the dynamic nature of cloud security and compliance, a willingness to continuously learn about new threats and vulnerabilities.
Policies, Processes & Procedures
- Recommend improvements and contribute to the implementation of procedures & controls so that all relevant procedural requirements are fulfilled while delivering the highest quality of service to customers.
Security Standards and Reports
- Prepare security compliance standards and reports to meet the department’s and Core42’s requirements, policies, and standards.
Qualifications:
Minimum Qualifications:
- Bachelor’s Degree in Computer Science, Information Technology, Engineering or related fields
Minimum Experience:
- Minimum 12 years of experience in systems security, data security audits and enterprise resource information
- At least 6 years of experience in business continuity protocols, risk and governance managemen
Job Specific Skills:
- Knowledge of Digital Transformation, Smart Cities / Nations, Cloud, and Cyber Security
- In-depth understanding of governance, risk and compliance trends across various domains
- A knowledge of local compliance policies and procedures
- A meticulous and organized mind with a keen eye for detail
- Strong communication and interpersonal skills
What we look for
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.
What working at Core42 offers
Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life: A hybrid work policy to strike the perfect balance between office and home.
Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.