Talent.com
Manager - Information Security
Manager - Information SecurityADGM • United Arab Emirates
Manager - Information Security

Manager - Information Security

ADGM • United Arab Emirates
منذ أكثر من 30 يومًا
الوصف الوظيفي

Job Summary

The objective of this senior subject matter expert focus on the day‑to‑day operations of the operations that provides threat detection, event monitoring, incident triage, incident handling, incident responses, recovery services, cyber hunting, and forensic and malware analysis functionality across all served network environment. This role shall ensure alignment and achieve the objective of the establishment enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected in a risk driven approach based on the ADGM Enterprise Risk management framework. The role will be responsible for all matters related to Enterprise information security operations with direct impacts to strategies, policies, processes, standards & related activities. This role shall oversee the Information Security activities and its associated cyber security operations across ADGM and its subsidiaries as well as ensure resiliency and readiness of ADGM businesses performing and overseeing security assurance assessments.

Core Accountabilities

  • Accountable for alignment of security risk management to ensure digital empowerment & agility in a secure manner.
  • Assure ADGM's management & businesses on predictive cyber and information security risks to make key decisions, thereby ensuring secure & resilient investments to achieve their intended business objectives.
  • Conduct and manage periodic compromise assessments across selected networks and propose recommendations based on assessment results
  • Ensure appropriate information privacy, intellectual rights, confidentiality, integrity & availability controls are effectively implemented in ADGM.
  • Ensure that ADGM GRC objectives are achieved & are effectively implemented, practised and assisted within ADGM.
  • Ensure and oversee that appropriate information governance and management policies and practices are implemented and practised across digital services.
  • Document and elevate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus, Threat Intelligence Providers) to maintain updated of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
  • Foster security best practices and internal controls across ADGM to minimise the exposure to digital and cyber risk.
  • Ensure that ADGM applicable regulatory compliances are achieved & effectively managed within ADGM.
  • Govern and assure the Cyber Security Operations are well managed, in collaboration with the ADGM IT Security and Operations department.
  • Assure business resiliency and readiness to safely thrive through any disastrous events across the organisation or region.
  • Ensure the function's performance is measured on a periodic basis as well as ensure objectives are achieved.
  • Ensure ADGM digital transformation has strategically designed security & resiliency domain-driven based on the overall business and cyber risks.
  • Ensure ADGM cloud strategy by establishing required security measures to accommodate the cloud cybersecurity risks & policies supporting secure operating model.
  • Provides cybersecurity recommendations based on significant threats and vulnerabilities.
  • Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operational Plans.
  • Ensure crisis communication plans are adequately implemented across security operations.
  • This role shall ensure the Digital and Cloud Infrastructure Architecture are secured and monitored consistently.
  • Oversee cloud and organisation related projects to ensure appropriate usage of security tools and security methodologies, controls are in place to reduce risk exposure.

Operational responsibilities

  • Establish an integrated & business-centric strategy & program plan for security management, risk management and resiliency management across ADGM.
  • Ensure appropriate security controls protection of business valued and classified ADGM information by protecting the privacy, IPR rights, Confidentiality, Integrity and availability in its entirety across ADGM and its subsidiaries.
  • Perform and oversee the threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
  • Review and endorse the robust Information Security management policies & relevant controls are development & implementation supporting ADGM business activities.
  • Ensure the security concepts such as cyber-attacks and techniques, threat vectors, risk and threat management, incident management etc. are implemented appropriately
  • Ensure that risk management activities are insight-driven, business-focused to proactively identify the business, security and cyber risks across the organisation.
  • Proactively communication risks to line manager and other stakeholders with the objective to strengthen the ADGM's risk culture and responsiveness to change
  • Ensure proactive identification of the Information security and Cybersecurity risk across strategy, operations as well as tactical levels.
  • Ensure that appropriate and meaningful KPI's, KCI's and KRI's are established
  • Establish and ensure accuracy of reports, dashboards and metrics for security operations are available to senior leadership.
  • Ensure that appropriate metrics providing consistent business-centric results are established for periodic presentation to management.
  • Ensure consistent management of the threat intelligence and modelling in accordance with the ADGM Digital Infrastructure and Business Services.
  • Ensure that major threats and strategic risks, reputational risks, and interconnected risks with information security and cyber security risks are managed appropriately.
  • Assist ADGM in adopting new technologies with a true understanding of their risks as well as their possibilities.
  • Establish the appropriate security road map based on the approved security strategy.
  • Ensure that appropriate internal controls are effectively implemented in ADGM.
  • Ensure participation to support security awareness program reducing digital and cyber risk posed by ADGM users.
  • Ensure appropriate and rigorous governance is established & implemented for the strategic and classified information across ADGM digital infrastructure and especially acquired cloud services.
  • Oversee and endorse the identity and access management practices across ADGM to mitigate the risks as well as in compliance with the regulatory requirements.
  • Ensure appropriate support and assurance for the successful execution of the security, risk and resiliency audits by internal and external auditors.
  • Responsible for developing and ensuring ADGM Cloud Architecture is in accordance with the Information Security best practices considering all the required security controls.
  • Responsible for developing and ensuring that multi-layer security controls aligned with the defence‑in‑depth strategy, frameworks and blue prints as well as Information Security Policy.
  • Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event’s history, status, and potential impact for further action in accordance with the organization’s cyber incident response plan.
  • Document and elevate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Ensure Information Security Policies, Processes, Run-books, SOP, etc. Are developed, reviewed and maintained regularly.
  • Ensure System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross‑site scripting, Procedural Language / Structured Query Language [PL / SQL] and injections, race conditions, covert channel, replay, return‑oriented attacks, malicious code, Controls are in implemented and tested to reduce risk posture.
  • Ensure Information Security Incident Response strategy, plan and procedure are developed, reviewed, maintained and practised in accordance with best practice.
  • Ensure Information Security Solutions are maintained, updated and operated effectively and efficiently with required security assurance and trust levels.
  • Business Continuity Responsibilities

    • Actively support the business continuity responsibilities assigned to ADGM Users for successful resilient business process and activities.

    Managerial

  • Manages team with full accountability for achieving overall agreed objectives
  • Creates an environment where team members consistently drive to improve performance
  • Manages by effectively empowering team members
  • Takes responsibility for mentoring high potential and most critical talent in their career progression
  • Reviews performance of the team and addresses performance issues quickly through clear decisions

    • Information Security related

  • Understand, adapt, adhere and practice responsibilities or controls as per ADGM Information Security policy and best practices explained in the induction and awareness sessions.
  • Confidentiality, integrity and availability of the ADGM Information shall be maintained at all times

    • Job Qualifications & Experience

  • 10+ years of experience in managing the Enterprise‑wide Information Security and Risk Management & 3+ years of relevant experience in business management.
  • Bachelors in Information technology, computer science or related fields.
  • Experience and knowledge of a broad range of standards, frameworks and the required controls families such as Risk Mgmt. Controls, Cloud Security Controls, Fintech Security, Data Analytics, etc
  • Experience and knowledge in International recognised Industry related certification requirements such as ISO27001, ISO20000, ISO22301, ISO31000, ISO 27032, ISO27017, PCI DSS, etc.
  • Extensive knowledge & proven experience in articulating complex enterprise‑wide Governance, Risk and Compliance mgmt. Strategy & policies from an Information Security perspective.
  • Experience in converting complex strategy and policies statements into Internal and technical controls applicable across the organisation.
  • Experience in establishing, assessing and optimising of the IT and Information Security Governance Frameworks and Model.
  • Sound knowledge of different information‑related risks at the enterprise, strategic, operational, cyber & IT domain levels.
  • Well‑versed in all Enterprise Risk Management‑versed areas in all Enterprise Risk Management areas, including the risk identification, remediation, & periodic monitoring.
  • Knowledge of common risk management methodologies — for example, Control Objectives for Information and Related Technology and Committee of Sponsoring Organizations Enterprise Risk Management
  • Information Security Risks impacts and solid understanding of project management principles.
  • Ability to translate understanding of the organisation’s goals and objectives into compliance requirements.

    • #J-18808-Ljbffr

    إنشاء تنبيه وظيفي لهذا البحث

    Manager Security • United Arab Emirates

    الوظائف المماثلة
    Information Security Engineer

    Information Security Engineer

    Eqvilent • United Arab Emirates
    We have a hybrid infrastructure and many non-trivial challenges that require your expertise and proactive solutions.Design and manage implementation of secure network configurations for server infr...أظهر المزيد
    آخر تحديث: منذ يوم واحد • عَرْضٌ مُرَوَّجٌ له
    Remote Senior Information Security Engineer : Cloud Security

    Remote Senior Information Security Engineer : Cloud Security

    Eqvilent • United Arab Emirates
    A cybersecurity company is seeking an experienced Information Security Engineer to manage secure network configurations and implement security measures across a hybrid infrastructure.The ideal cand...أظهر المزيد
    آخر تحديث: منذ يوم واحد • عَرْضٌ مُرَوَّجٌ له
    virtual Chief Information Security Officer (vCISO)

    virtual Chief Information Security Officer (vCISO)

    Dynova | Security for startups • , , United Arab Emirates, United Arab Emirates
    Dynova is a Dubai based cybersecurity firm offering virtual Chief Information Security Officer vCISO services through a flexible, fractional model tailored for startups from pre seed to Series C.Re...أظهر المزيد
    آخر تحديث: 13 منذ ساعات • عَرْضٌ مُرَوَّجٌ له • جديد!
    Incident Response Manager

    Incident Response Manager

    ADIB • , , United Arab Emirates, United Arab Emirates
    Cyber Security Incident Response unit, overseeing its day-to-day operations and managing the SOC shifts.This role requires collaboration with various internal teams and departments, as well as exte...أظهر المزيد
    آخر تحديث: منذ يوم واحد • عَرْضٌ مُرَوَّجٌ له
    Head of Compliance Technology Platforms

    Head of Compliance Technology Platforms

    Abu Dhabi Islamic Bank • United Arab Emirates
    Head of Compliance Technology Platforms.This is a senior hands‑on leadership role responsible for ensuring the resilience, performance, and evolution of ADIB’s compliance systems.The role holder le...أظهر المزيد
    آخر تحديث: 15 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Senior Officer - Information Technology - Jumeirah Zabeel Saray

    Senior Officer - Information Technology - Jumeirah Zabeel Saray

    Dubai Holding • United Arab Emirates
    Dubai Holding, operates an exceptional portfolio of 28 properties across the Middle East, Europe and Asia.In 1999, Jumeirah changed the face of luxury hospitality with the opening of the iconic Jum...أظهر المزيد
    آخر تحديث: 6 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Integrity and Compliance Manager, Turkey

    Integrity and Compliance Manager, Turkey

    Acino • United Arab Emirates
    Arcera is a global life sciences company headquartered in Abu Dhabi, United Arab Emirates.Our purpose is to enable longer and healthier lives while creating sustainable growth.We develop, manufactu...أظهر المزيد
    آخر تحديث: 5 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Country Internal Control Lead - Process & Risk Excellence

    Country Internal Control Lead - Process & Risk Excellence

    Robert Walters • United Arab Emirates
    A leading recruitment consultancy is searching for a Country Internal Control Manager in the United Arab Emirates.The successful candidate will support business process owners in maintaining effici...أظهر المزيد
    آخر تحديث: 7 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Dubai MRO Site Leader - Strategy, Ops & Compliance

    Dubai MRO Site Leader - Strategy, Ops & Compliance

    Raytheon Technologies • United Arab Emirates
    A leading aerospace company in Dubai is seeking a Site Leader for its operations at Jebel Ali Free Trade Zone.You will provide strategic leadership and full P&L accountability, ensuring operational...أظهر المزيد
    آخر تحديث: 3 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Director of Institutional Excellence & Compliance

    Director of Institutional Excellence & Compliance

    Abu Dhabi School of Management • , , United Arab Emirates, United Arab Emirates
    The successful candidate will build an evidence-based institutional effectiveness ecosystem that supports licensing, accreditation readiness, continuous improvement, KPI governance, and audit prepa...أظهر المزيد
    آخر تحديث: 7 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Part-Time vCISO : Startup Security Leadership

    Part-Time vCISO : Startup Security Leadership

    Dynova | Security for startups • , , United Arab Emirates, United Arab Emirates
    A Dubai-based cybersecurity firm is seeking experienced virtual CISOs to deliver tailored security services to startups.Responsibilities include leading information security, conducting risk assess...أظهر المزيد
    آخر تحديث: 13 منذ ساعات • عَرْضٌ مُرَوَّجٌ له • جديد!
    Strategic IT Director, Corporate Systems & Security

    Strategic IT Director, Corporate Systems & Security

    Qureos Inc • , , United Arab Emirates, United Arab Emirates
    A leading IT consultancy firm is seeking an experienced IT Manager based in Abu Dhabi, UAE.The ideal candidate will lead the development and management of corporate IT plans and strategies, align I...أظهر المزيد
    آخر تحديث: منذ يوم واحد • عَرْضٌ مُرَوَّجٌ له
    Security Engineer

    Security Engineer

    Cygnus Technologies • United Arab Emirates
    Job Position Security Engineer Palo Alto Engineer Company Name Cygnus Technologies Job Location Abu Dhabi UAE Responsibilities Design deploy configure and maintain Palo Alto NextGeneration Firewall...أظهر المزيد
    آخر تحديث: 3 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Assistant Security Manager - Farnek Services LLC

    Assistant Security Manager - Farnek Services LLC

    Qureos Inc • United Arab Emirates, United Arab Emirates
    Support the Associate Director of Security in achieving departmental goals.Supervise day-to-day operations, resolve issues, and ensure compliance with company and legal standards.Manage team discip...أظهر المزيد
    آخر تحديث: 10 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Remote SVP of Ops Transformation — Scale & ROI Leader

    Remote SVP of Ops Transformation — Scale & ROI Leader

    Crossover • United Arab Emirates
    A global software firm seeks a Senior Vice President of Operational Transformation responsible for leading cross-functional initiatives with significant financial impacts.This role involves managin...أظهر المزيد
    آخر تحديث: 15 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Security Engineer – Palo Alto & Cisco Firepower

    Security Engineer – Palo Alto & Cisco Firepower

    Cygnus Technologies • United Arab Emirates
    A leading cybersecurity firm in Abu Dhabi is seeking a skilled Security Engineer to design, deploy, configure, and maintain Palo Alto Next-Generation Firewalls and related security appliances.The r...أظهر المزيد
    آخر تحديث: 3 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Remote Channel Solutions Architect : Cloud & Security

    Remote Channel Solutions Architect : Cloud & Security

    CyberArk • , , United Arab Emirates, United Arab Emirates
    A leading cybersecurity firm in the United Arab Emirates is seeking a skilled Channel Architect.This role focuses on partner enablement and developing go-to-market strategies for solutions across p...أظهر المزيد
    آخر تحديث: 3 منذ أيام • عَرْضٌ مُرَوَّجٌ له
    Head of Securities Product Strategy & Innovation

    Head of Securities Product Strategy & Innovation

    Mashreq Bank Pakistan Limited • United Arab Emirates
    A leading bank in the UAE is seeking a Product Manager to lead the design and development of investment products.The ideal candidate will have a minimum of 15 years of experience in brokerage or ca...أظهر المزيد
    آخر تحديث: 5 منذ أيام • عَرْضٌ مُرَوَّجٌ له