Chief Information Security Officer (CISO) – UAE

Job Details

KEY ACCOUNTABILITIES: 

• Develops, implements, and monitors a strategic, comprehensive enterprise information security and IT risk management program.

• Works directly with the business units to facilitate risk assessment and risk management processes.

• Develops and enhances an information security policy and supporting frameworks.

• Understands and interacts with related business units to ensure the consistent application of policies and standards across all technology projects, systems, and services.

• Partners with business stakeholders across the company to raise awareness of risk management concerns.

• Assists with the overall business technology planning, providing current knowledge and a future vision of secure technology and systems.

• Creates annual operating plans for all information security initiatives for required budget approvals, as per the planned information security strategy implementation roadmap.

• Establishes performance management metrics for the Information Security Office with critical success factors and thresholds, and monitors the key performance indicators.

Information Security Risk Assessments, Audits, and Certifications:

• Defines and develops the information security risk management framework to manage the risks.

• Identifies, evaluates, categorizes, and proposes risk mitigation controls.

• Conducts periodic risk assessments and presents a report to Management to ensure that risks are not duplicated or in contradiction with other management systems.

• Periodically determines compliance with defined policies or standards.

• Maintains the risk register and tracks all risks and their treatments in order to inform the Executive Management.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Computer Engineering, Information Systems Management, Information Security or related field.

• Master’s degree in Executive Business Administration or Computer Systems Security.

• IT security certifications such as CISSP/GICSP/CISM/CISA/CRISC/CEH/etc.

Minimum Experience:

10+ years’ experience in Technology, 7+ years in Cyber/Info Sec including leadership roles. Solid experience creating systems to implement information security strategy, frameworks & roadmap.