About the Role
The Manager - IT Security is responsible for establishing and maintaining a
corporate-wide management program to ensure the information assets are
adequately protected.
This position is responsible for identifying, evaluating, and reporting on
information security, data protection, and data privacy risks in a manner that
meets the operational, compliance, and regulatory requirements, and aligns
with and supports the operations and risk appetite of GEMS Education.
Key Accountabilities:
* Develop, implement, and monitor a comprehensive enterprise information security and data privacy risk management program to ensure that the integrity, confidentiality, and availability of information is owned, controlled, or processed by the organization.
* Facilitate information security and data privacy governance through the implementation of a governance program, including the formation of an information security steering committee or advisory board.
* Develop, maintain, and publish up-to-date information security and data privacy policies, standards, and guidelines. Oversee the approval, training, and dissemination of the policies and practices
* Create, communicate, and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants, and other service providers.
* Develop and manage information security budgets (as assigned by the CIO) and monitor them for variances.
* Create and manage information security and data privacy awareness training programs for all employees, contractors, and approved system users
* Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
* Provide regular reporting on the status of the information security and data privacy program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
* Create a framework for roles and responsibilities regarding information ownership, classification, accountability, and protection.
* Develop and enhance an information security management framework based on industry best practices, such as International Organization for Standardization (ISO) 2700X, IT IL, COBIT/Risk IT, and the National Institute of Standards and Technology (NIST).
* Liaise with development and operations teams to ensure alignment between the information security, data privacy, infrastructure, and application architectures.
* Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
* Liaise with development and operations teams to ensure alignment between the security, infrastructure and application architectures.
* Coordinate information security, data privacy, and risk management projects with resources from the IT organization and business unit teams.
* Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from applicable laws, standards, and regulations. Ensure that security programs follow such laws, regulations, and policies to minimize or eliminate risk and audit findings
* Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
* Manage IT security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
* Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
* Coordinate the use of external resources involved in the information security and data privacy program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
* Develop and oversee effective Business Continuity Management and IT Disaster Recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas.
* Liaise with Legal team to review new and existing 3rd party contracts to ensure information security/data privacy requirement incorporation.
* Ensure implementation and regular review of technical information security and data privacy measures to protect corporate IT assets, sensitive information, and personal data.
* Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
* Ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management.
Qualifications, Experience & Skills:
* Minimum of a Bachelor's degree in Science (BS), Degree in Information Security, Computer Science, Engineering, or a related technical degree. A Master's degree is preferable.
* Minimum of 5 years of work experience in Information Technology Security
* Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, and NIST.
* Strong understanding of risk management framework.
About Your Benefits
An attractive remuneration package is on offer to the successful candidate
including tax-free salary, medical cover, tuition fee concessions, annual
leave, and end-of-service benefits.
**Security Manager** Full time **Four Seasons Private Residence Dubai at Jumeirah,** the latest in an exceptional collection of Four Seasons standalone residential projects, offers residents unmatched quality and service excellence and provides a luxury residential lifestyle managed by Four …
About the Role The Manager - IT Security is responsible for establishing and maintaining a corporate-wide management program (including Business Continuity Management and IT Disaster Discovery) to ensure the information assets are adequately protected. This position is responsible for identifyin…
Company Description A luxury hospitality brand for modern travellers, Anantara connects guests to genuine places, people and stories through personal experiences and providing heartfelt hospitality in the world's most exciting destinations. From pristine islands and tropical beaches to cosmopoli…
Manager, Security (901) At Atlantis, we exist to bring the extraordinary to every holiday and experience through connection, empowerment, precision, care and warmth. Inspired by the majesty and mystery of the ocean, Atlantis resorts are unique destinations full of life, wonder and surprise, wh…
Overview: Comprising of The First Group's award-winning hotels and restaurants, The First Collection is an innovative lifestyle brand offering exciting hospitality services and unforgettable dining experiences. The First Collection's portfolio of five operational hotels are renowned for their world…
**BAT is evolving at pace - truly like no other organisation.** **To achieve the ambition, we have set for ourselves, we are looking for colleagues who are ready to live our ethos every day. Come be a part of this journey!** **BAT UAE** **IS LOOKING FOR A** **SECURITY MANAGER** **SENIORITY LEVEL…
### **Job Summary** The Assistant Manager, Security will provide leadership and direction to Security Guards, Surveillance Personnel and Team Leaders in the absence of Managers and Directors. Priority of this role will be the constant support, command and control of emergencies, crises and evacuati…
### **Job Summary** Are you a confident self-driven leader who can perform incident and emergency management as well as provide leadership and direction to security & surveillance personnel? Do you have the skillset to guide and advise executive management in the command of crises and evacuation? …
Summary You will be responsible for the efficient running of the department in line with Hyatt International's Corporate Strategies and brand standards, whilst meeting employee, guest and owner expectations. The Security Manager is responsible to develop, implement, monitor and evaluate the hotel's…
Company Description Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories each year. Our mission is to connect the world thro…