Senior Information Security Officer

Requirements:

• Bachelors Degree in Computer Science Computer Engineering Information Security or related fields. Advanced degree preferred.
• Proven track record of 5 years in Information Security preferably in FinTech/Ecommerce industry.
• Certifications in CISA/CISM ISO 27001 lead implementer would be a plus.
• Strong knowledge of information security management frameworks (e.g. ISO/IEC 27001 NIST SOC2).
• Solid experience in implementing and monitoring the security protocols in AWS Cloud CRM ERP and Web Applications.
• Indepth understanding of network and application security including threat intelligence vulnerability management and security monitoring.
• Excellent leadership and communication skills.
• Strong problemsolving and analytical abilities.
• Ability to manage and prioritise multiple projects.

Responsibilities:

Leadership and Strategy Development:

• Develop implement and maintain a comprehensive information security strategy for the company.
• Ensure the strategy is aligned with business objectives and complies with regulatory requirements especially from UAE and KSA regions.

Risk Management:

• Identify evaluate and report on information security risks in a manner that meets compliance and applicable regulatory requirements.
• Develop and implement risk management frameworks and methodologies that are aligned with the companys business objectives.

Policy and Governance:

• Establish and maintain an information security governance framework.
• Develop implement and enforce information security policies procedures and standards in coordination with other relevant stakeholders.

Incident Management:

• Lead the response to security incidents and breaches ensuring effective containment investigation and resolution.
• Conduct postincident analysis to identify root causes and improve future response efforts.

Compliance and Audit:

• Ensure compliance with relevant legal regulatory and contractual requirements of the company.
• Coordinate security audits and assessments and address audit findings in collaboration with other Teams.

Security Operations:

• Oversee the management and operations of security technologies such as firewalls intrusion detection/prevention systems and endpoint protection performed by other IT Teams.
• Ensure the continuous monitoring of security threats and vulnerabilities.

Awareness and Training:

• Develop and implement a security awareness and training program for employees.
• Promote a culture of security awareness across the organisation.

Collaboration:

• Work closely with other distributed IT teams including Software Development Architecture Data Protection Operations etc.
• Collaborate effectively with cross functional teams including Finance & Analytics Operations Products etc. to integrate security into all aspects of the organisations operations.

Vendor Management:

• Evaluate and manage relationships with security vendors and service providers.
• Ensure thirdparty compliance with security standards and policies.

Remote Work :

No