Overview:
Avrioc Technologies, headquartered in Abu Dhabi, UAE, specializes in developing applications, software, games, and AI models that enhance daily experiences. Its offerings include CBUAE Licensed Fintech solution, AI-driven products, indoor cycling platform, VoIP application and freelance platform. The company is dedicated to innovation and continuous growth, aiming to transform ordinary experiences into extraordinary ones.
The Chief Information Security Officer (CISO) will report directly to the CEO of Avrioc Technologies and will oversee the organization's cybersecurity practices across Avrioc Technologies and its affiliated companies. The CISO will be responsible for evaluating current cybersecurity practices, recommending necessary improvements, and implementing enhancements as approved by the executive leadership. Additionally, the CISO will collaborate closely with Avrioc Technologies' Governance, Risk, and Compliance (GRC) function to ensure cybersecurity risks are effectively identified, assessed, and managed in alignment with the company’s security and privacy requirements.
Responsibilities:
- Oversee the implementation and maintenance of robust cybersecurity controls across Avrioc Technologies and its affiliated companies.
- Provide regular updates to the CEO and GRC department on progress toward achieving industry-standard Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
- Develop and enforce cybersecurity policies, procedures, and standards to strengthen the organization's overall security posture.
- Serve as a trusted advisor to technical teams, providing independent oversight and guidance on cybersecurity solutions and initiatives.
- Manage the Security Operations Centre (SOC) to ensure efficient threat monitoring, detection, and response.
- Lead incident response and forensic investigation processes, ensuring prompt resolution and actionable insights from post-incident reviews.
- Oversee the configuration, management, and optimization of critical security tools including DLP, EDR, WAF, PAM, DAM, SIEM, Perimeter firewall, etc.
- Implement and maintain a robust cloud security framework, ensuring alignment with AWS Cloud Security Posture Management (CSPM) best practices.
- Collaborate with DevOps and IT teams to secure cloud-native applications and infrastructure.
- Lead the adoption and integration of DevSecOps practices, embedding security within CI/CD pipelines.
- Establish processes for secure code reviews to identify and address vulnerabilities during the development lifecycle.
- Secure the software supply chain through robust dependency management and third-party software assessments.
- Ensure the organization’s security practices align with CBUAE Cyber Security requirements, ISO 27001, ISO 20000, UAE IA, GDPR, PCI DSS, and other applicable regulatory standards.
- Work closely with development and architecture teams to design secure systems and implement effective mitigations.
- Promote a culture of cybersecurity awareness and best practices across the organization.
Qualifications:
- 15-20 years of experience in cybersecurity leadership roles with increasing responsibility and span of control.
- Minimum 3 years of experience as a CISO/ Head of Cyber Security
- Bachelor’s or master’s degree in information technology or computer science.
- Any industry-leading cybersecurity certifications (CISSP, CISM, CCSP, CASP+, Security+).
- Experience in designing and implementing cybersecurity programs in a CBUAE regulated industry.
- Experience working in a fast-paced startup, preferable in software development and/or artificial intelligence.
- Comprehensive understanding of cloud technologies with specific knowledge in AWS.
- Experience developing and implementing cybersecurity policies and procedures.
- Experience working with development teams and securing the development process (DevSecOps).
- Experience with digital forensics and incident response.
