Maintain and implement the Information/OT Security Management System and IT Risk management initiatives across the IT infrastructure and monitor corporate-wide compliance with Information/OT Security policies, procedures, and guidelines to ensure the effectiveness of the company’s Information/OT Security and Risk Management Programs.
- Supervise and participate in the conduct of penetration testing to assess the vulnerabilities and weaknesses in the systems.
- Coordinate the internal and external audits and follow up on the implementation of audit recommendations with various IT sections to mitigate identified risks.
- Track and analyze performance and security risk measures and use that information to continually improve Information/OT security.
- Perform risk assessments, against the ISO 27001 standards, of the risks that could seriously impact IT services across the enterprise IT infrastructure, and recommend the appropriate controls, risk plans, and programs to mitigate the risk.
- Coordinate with various stakeholders, e.g. corporate compliance, internal audit, and corporate risk management, and various IT technical teams for the design and implementation of audit, risk assessment, and regulatory compliance practices for IT.
- Participate in the planning for the restoration of IT services to provide adequate backup and recovery mechanisms for unexpected contingencies.
- Act as a technical Security advisor to observe and provide timely information about the latest threats, their applicability, and mitigation measures.
- Monitor and identify any new technology risks or threats and take proactive measures to protect the company’s computing and networking environments.
- Identify any potential areas of compliance vulnerability and risk in order to implement corrective action plans for resolution of problematic issues, and provide general guidance on measures to avoid or deal with similar situations in the future.
- Conduct forensic analysis, if required, to identify any actual or potential information/OT security violations and risks.
- ITIL V3 foundation certification is preferred.
- Should have a minimum of 8 years of work experience in a large-scale company.
- Holding a professional certification in CISA, CISM, CISSP, or CCNA would be a plus.
- Awareness of ITIL processes like incident management and problem management is advisable.
- In-depth knowledge of security support and security risk analysis, preferably ISO 27001, NESA, ISA99 Risk Management, in a corporate multi-location company.
- University Degree in Information Technology, Computer Science, Computer Engineering or equivalent.
Vacancy Type: Full Time
Job Location: Abu Dhabi, United Arab Emirates
Application Deadline: N/A