This job ad has been posted over 30 days ago...

25

applicants

Information Security Specialist Full-time

at Cyber Security Works Pvt Ltd in Abu Dhabi (Published at 18-06-2015)

PURPOSE:

Responsible for aligning security initiatives with enterprise programs and business objectives, ensuring that information assets and technologies are adequately protected with regulatory compliance .

KEY ACCOUNTABILITIES:

Description
Risk Assessment & GAP Analysis
Conducting risk assessment on all information systems
Design and document new information security architectures, technical control standards and risk analysis methodologies
Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings

Planning
Develop and manage the implementation of CLIENT Information Security policies, procedures and security measures for information systems of the organization
Ensure Information Security Plans are developed for all applicable information systems.
Ensure the development of plans for the Security Testing and Evaluation of all applicable systems.
Develop and implement an Information Security awareness campaign for CLIENT users.
Support CLIENT’s Business Continuity and contingency planning efforts by planning and participating in the DR Rehearsals from an Information Security perspective.
Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company’s reputation

Audit & Compliance
Enforce and monitor the implementation of, and compliance with, the National Electronic Security Authority (NESA) Policy, ISO 27001
Coordinate with NESA for incident response to implement applicable and coordinated incident management procedures (to include the appropriate reporting of incidents) – when established.
Supervised network support and participated in information security review and audits

Systems & Security Control
Co-ordinate with systems and networks team to ensure the systems/devices up-to standards and effective implementation of passwords.
Ensure implementation of all information security controls, as set forth in the Information Security Plan, to ensure adequate security for the respective system

Business Continuity & Disaster Recovery
Develop and oversee effective business continuity and disaster recovery policies and standards to align with enterprise business continuity management program goals
Plan disaster recovery exercises to circumvent any unexpected system failures.
Co-ordinate with other departments and understand to create business continuity plan

Policies, Procedures & Processes
Review all existing Processes such as but not limited to Change Management Process, Patch Management Process etc. and develop new Processes if needed from an Information Security perspective.
Recommend improvements to IT policies and procedures in order to guarantee systems technical integrity.
Backup & Restore

Projects
Prepare detailed project plan for the perusal of the management and preparing all the required documentation to initiate projects. Managing the progress of complete project with related tasks within the stipulated time frame.
Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls and solutions
Coordinate information security projects with resources from IT and business unit teams

Budget
Creating Business cases and management justification documents for the new projects. Meeting with vendors and assisting IT Manager in budget preparation
Develop emergency procedures for handling security breaches manage internal communication regarding system updates and provide estimates of budgetary requirements for technical upgrades.

Documentation
Ensure adequate documentation and filing of all modifications made to systems and network, in order to enable fast future retrieval of all relevant data with regards to a specific system or network device.

Advice
Act as source of expertise for management and other relevant stakeholders on issues concerning the own specialist area, in order to contribute to optimizing efficiency and effectiveness of business processes, activities and decision making.

Reporting & Coordinating
Provide monthly report to the IT Manager
Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
Responding to the letter received from the relevant regulatory bodies like NESA on the progress of CLIENT’s Information Security program.
Responding information security communication received from ADNOC and its OPCOs
Communicate and escalate, as necessary, Information Security matters to the relevant authorities for Risk Management.
Conduct Information Security communications and outreach by leveraging the Information Security Working Group

KEY PERFORMANCE INDICATORS

  • Compliance with policy and procedures
  • Time Punctuality & Systematic approach
  • Team building skills & Decision making skills
  • Stress management skills & Time management skills
  • Strategic Thinking, Influencing ability, Attention to detail, Negotiating skills.
  • Must have the ability to interact and communicate effectively across all levels of the organization

QUALIFICATIONS, TECHNICAL CERTIFICATION & EXPERIENCE:
Qualifications :

  • Bachelors/Masters of Science in Information Technology or Computer Engineering

Technical Certification:

  • CISA
  • CISM
  • CISSP

Experience :

  • 8-10 year working experience in a system engineering & network environment
  • Experience in auditing skills as SO27001
  • Expertise on network & security device e.g. routers, switches, firewall, antispam would be an advantage

Note: Applications have been closed.



Recent jobs at Cyber Security Works Pvt Ltd


Viewed: 1396 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend