We are one of the largest insurance brokers in the UAE and looking to hire Information Security Manager as a home-position.
- The role will require a solid understanding of information security, security infrastructure and business security.
- You will work with key stakeholders to analyze, define and implement industry best practices in line with maintaining and improving the company's overall security.
- You will also oversee IT-related risk management activities and will translate risk requirements and constraints of the business into technical control requirements and specifications, as well as provide regular status updates to management.
- Design policies, guidelines and appropriate architectural principles to ensure the company's cyber security goals are met;
- Work closely with the executive team and IT stakeholders to ensure that appropriate security measures are implemented for ongoing and upcoming digital initiatives
- Provide reports to summarize risk assessment and security activities, including objectives, planning, methodology, results, analysis and recommendations
- Develop, plan and implement Information Security projects
- Identify opportunities for enhancing the company's security, ensuring minimal impact to BAU;
- Act as Data Protection Officer ensuring systems and the information within them adhere to company data security protocols
- Ensure the company has an effective data retention and archiving process in place for systems that hold company data
- Bachelor's degree or Masters in Information Security, Information Systems or Information Technology
- 5+ years experience in Information Security or equivalent, at least 2 years in supervisory role
- Preferred industry qualifications - CISSP / CISA / CRISC/ ISO 27001 LA Certification
- Understanding of information security principles and industry best practices (e.g., ISO27001)
- Good understanding of the security risks associated with commonly used information technology systems that handle company data and implementing controls (eg. SaaS, email services);
- Experience running detailed risk assessment audits to identify technology security weaknesses
- A good understanding of IT networking and access management concepts;
- Ability to present security topics to a non-technical audience and highlight the business value
- Excellent interpersonal skills with the ability to build and influence teams