Job description:
Job Purpose:
To manage all activities pertaining to IT Security, IT Audit, and IT governance at Dubai Chambers to maintain consistency in desired IT system, product, and service performance, in adherence to regulation requirements and defined information security standards.
Key Accountabilities:
Audit Management
- Manage the timely conduct of information security audits to formally assess IS performance in accordance with defined security parameters, to identify and recommend measures for improvement and facilitate achievement of established security standards and compliance with regulations and policies.
- Lead investigations related to IS breaches to facilitate root cause investigation and implementation of remedial action.
Information Security
- Manage the Security System, identifying and advising on risk mitigation activities related to IS systems and processes to ensure security risk exposure is effectively controlled and managed.
- Manage the timely conduct of security monitoring activities and implementation of remedial actions to facilitate the achievement of established security standards and compliance with regulations and policies.
Cybersecurity
- Ensure implementation of an information security strategy that aligns with DC’s goals and objectives.
- Perform security assessments and ensure timely execution of projects while mitigating identified security risks.
- Support Director – Information Security & Risk Management Office in evaluating cybersecurity controls to ensure effectiveness, compliance and adherence to key controls and policies, and drive remediation efforts.
- Ensure the implementation of an Information Security Management System and its controls across DC.
- Manage periodical reviews on the implementation of cybersecurity regulations and on any cybersecurity controls.
- Promote a cybersecurity culture within DC.
- Manage cybersecurity Incidents and their responses.
- Develop and maintain security policies, procedures and controls to protect DC’s information systems and networks from cyber threats.
- Manage both internal and external audits and send results and findings to Director – Information Security & Risk Office for review.
- Stay up-to-date with the latest trends and technologies in cybersecurity and recommend new security measures as needed.
- Prepare and deliver regular reports to the Director – Information Security & Risk Management Office on the organization’s cybersecurity posture and recommend improvements where necessary.
- Manage relationships with external security vendors and partners.
IS Documentation Management
- Review all IS documentation for release and provide feedback on changes and improvements to ensure compliance with regulation requirements, defined policies, and standards.
Project Management
- Lead the planning, management and control of the various stages of IS related projects to ensure that the project cycle is completed, meeting agreed project parameters (cost budget, timelines, scope and Security), standards and objectives.
Market Knowledge
- Keep abreast of regulatory requirements, technology advances and best practices within the IS domain to assess impact on IS department practices and procedures and adopt best practices for the Chamber.
Strategy and Performance Management
- Contribute to the development and execution of the Department short to mid-term strategic plan to ensure alignment with the Department’s strategic priorities, and the corporate goals.
- Contribute to the development of annual business plans for the assigned areas of responsibility to support the achievement of financial and strategic objectives.
- Monitor, control and report key performance indicators related to the Department to track performance and recommend corrective actions.
People Management
- Manage the activities of direct reports to ensure that all work is carried out in an efficient manner, in line with the annual business plans, policies and procedures.
- Manage the performance management process by setting annual objectives, and developing staff through mentoring, coaching and constructive feedback.
- Identify employees’ training and developmental needs and bridge the knowledge gaps to ensure continuous progression and a high level of competence within the team.
Minimum Qualification
- Bachelor’s degree in Computer Engineering or Computer Science or equivalent.
- Master’s degree in a relevant field is preferable
- CISM, CISP certification is preferable
Minimum Experience and Skills
- 6 – 8 years of progressive experience with at least 4 years in a managerial / supervisory role in Information Security.
- Detailed knowledge of IS principles and procedures
- Strong project management skills
- In-depth knowledge of IS and ability to remain updated on developments in the field
- Strong knowledge in Dubai Government DESC standards and requirements.
- Emirati Applicants Only