As the implementation phase of Buna, formerly known as the Arab Regional
Payment System (ARPS), project picks up momentum, we are looking for a
responsible Information Security Officer- Buna to join our founding team.
Duties of the Information Security Officer include developing and managing
Buna 's information security policies & strategy to protect Buna from security
threats and cyber-attacks. The job holder is also responsible for ensuring
operational compliance with all standards and regulations and driving business
continuity. This position will report to the Chief Risk & Compliance
Officer.
In this context, the following sections detail the main qualifications, skills
and responsibilities related to this position:
Cyber Security Policies and PRocedures Development
* Develop and monitor a strategic, comprehensive enterprise information / cyber security risk management program (including strategy, policies, standards, processes, and guidelines) to ensure protection of Buna digital and data assets
* Create, maintain and publish up-to-date information security policies, standards and guidelines
* Ensure cyber security policies, procedures and best practices are communicated across the organization
Security Operations Implementation
* Implement and lead the strategy for managing and reporting security incidents and oversee investigations of reported security breaches
* Identify, manage, and minimize information security risks, and provide relevant and timely reports that drive business decisions
* Ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats
* Identify, introduce and implement appropriate procedures to test technical safeguards on a regular basis
* Oversee the development and implementation of appropriate and effective controls to mitigate identified threats and risks
* Align the security and enterprise (reference) architectures, ensuring security requirements are implicit in these architectures
* Manage the daily operations for InfoSec architecture, engineering, operations center, secure development lifecycle, and governance functions across on-premise, hybrid cloud, and cloud capabilities
Information Security Program Management
* Report regularly on current status of the information security program
* Keep abreast of latest cybersecurity technologies and innovations
* Create and manage a targeted information security awareness training program
* Manage InfoSec vendor relationships and optimizing value from these relationships
* Research, investigate and implement measures that address data security risks and potential losses
Identity and Access Management
* Monitor and maintain application user access across the IT portfolio
* Maintain on time on-boarding and off-boarding for identified IT environments
Cybersecurity Incident Mitigation
* Follow-up on detected security issues and implement solutions to mitigate risks
* Oversee threat monitoring activities, take preventive actions and advise relevant stakeholders on the appropriate course of action and response to such threats
* Own the cybersecurity incident and vulnerability management processes from design to implementation
Threat Analysis and Monitoring
* Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters
Experience & Education
* 10+ years of experience in IT, with at least 5+ years in Information Security, preferably in banking
* Prior experience developing and maintaining an information security program
* Experience with information security frameworks
* Graduate degree from a reputable university preferably in computer science or any related field
* Relevant security certifications (CISA, CISM, CERT, CISSP, GSEC, CCSP, GIAS, CEH or OCSP) are preferred
Skills
* Knowledge of information security frameworks, cyber security policies and procedures, statutory and regulatory compliance, security operations, cybersecurity incident response, identity and access management and further threat analysis and monitoring
* Excellent communication skills (oral and written) with ability to effectively communicate by telephone, face to face, email and written
* Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint)
* Excellent organization and time management skills, and ability to work on own initiative, accurately to tight deadlines, and to prioritize between conflicting demands
* Ability to handle multiple tasks with tight deadlines simultaneously
* Effective team player and excellent relationship building skills with ability to demonstrate a high level of discretion and positive attitude with all internal and external stakeholders
* Ability to maintain the highest level of confidential/sensitive information and professionalism
* Flexibility and readiness to work beyond regular working hours and as required
Languages
* Fluent in English & Arabic
**Department** Information Technology **Sub-section** **Required qualification** Graduate **Experience** 3-5 year(s) **Location** Abu Dhabi #### **Description** Job role: • Review information security Policy, Procedure, IS risk registers and other documents related to ISMS regularly,…
Al Rashed Head Office Job Detail **Industry** Construction / Cement / Metals **Functional Area:** Management Information System (MIS) **Total Position:** 1 **Job Type:** Full Time/Permanent ( First Shift (Day) ) **Department:** Al-Rashed Head Office **Job Location:** Khobar, Saudi Arabia **Degree T…
# **Information Security Officer** • Strong understanding of the threat landscape, risk management, patch management • Expertise in one or more of the following areas: Incident Response, Security Operations, Security Governance, Threat Intel, Cloud Security, Architecture, Data Protection, Network S…
* Identify security goals and objectives and align them with business objectives. * Implement strong authentication and access control mechanisms. * Monitor user access for compliance and security. * Create, modify, and disable user/system accounts in accordance with established procedures…
Company Description A luxury hospitality brand for modern travellers, Anantara connects guests to genuine places, people and stories through personal experiences and providing heartfelt hospitality in the world's most exciting destinations. From pristine islands and tropical beaches to cosmopoli…
Business Information Security Officer-35597 **Profession** Service Operations **Work Location** Middle East, India & Africa-Saudi Arabia-Jeddah **Schedule** Full-time Description Experienced **Business Information Security Officer** to enforce policies and procedures as per NCA and SITA guid…
**Our Client: ** A leading Cyber Security company in Saudi Arabia. **Your Responsibilities: ** * To provide guidance on our clients cybersecurity program on a strategic level and to make sure the organization remains compliant with cybersecurity standards, policy, regulations and l…
Company Description A luxury hospitality brand for modern travelers, Anantara connects guests to genuine places, people and stories through personal experiences and providing heartfelt hospitality in the world's most exciting destinations. From pristine islands and tropical beaches to cosmopolit…
Job Title: Medical Information Officer-Medical Representative Division: Commercial - Dubai Sales & Marketing Country: UNITED ARAB EMIRATES Work Location: UAE (Abu dhabi) Job Type: Medical Information Officer-Medical Representative Employment Type: Full Time Employment (Un-limited Contract) **Job De…
#### **Job Description** * Helps in identifying existing IT controls by collecting information and reviewing documentation * Reviews IT policies and procedures to verify they address key internal and external requirements * Identifies, documents, and reports threats, vulnerabilities, and risk…