Senior Manager – Information Security Risk & Compliance (UAE National)
Company Name: Department of Tourism and Commerce Marketing
Company Industry: Tourism
Employment Type: Full Time
Location: Dubai
Experience: 8 – 10 years of relevant experience with at least 5 years in a similar role
Degree: Bachelor’s degree in Computer Science or related field
Responsible for the development and delivery of information security strategy ensuring
compliance with overall strategic and tactical business objectives.
Provide strategic leadership and guidance to higher management on matters of information security risk,
compliance and information protection from a strategic and tactical business objectives perspective.
Provides expert guidance to other C-level executives on matters of information security risk, compliance and
information protection from a strategic and tactical business objectives perspective.
Contributes to the development of the information security, risk and compliance strategy and
guides the development of operating plans for the reporting departments, in line with the stated function priorities.
Prepares and manages the annual budget for the function and reporting departments in
conjunction with the sector budget and secures subsequent approval, tracks expenditure and ensures adherence to the budget.
Defines the operating framework and policies for Information Security and ensures compliance with internal quality standards.
Plan, develop, review and update an organization-wide information security risk assessment
methodology along with the senior management in the entity.
Establish annual and long-term information security and compliance goals, define security strategies,
metrics, reporting mechanisms and program
Identifies information security issues, concerns, threats and vulnerabilities in the current
environment, ensures the implementation of security systems and compliance with related
policies, and reports any non-conformance to the information security steering committee.
Manages the conduct of market research and studies with external consultants to identify
trends and latest practices that will enhance data protection against potential security breaches.
Plan and conduct periodic information security awareness training and education.
Reviews support strategy implementation with the tools and systems required for maximum
security and confidentiality of information across DTCM.
Plan, implement and maintain an information security program/management system that is
integrated with the Department processes.
Ensures that information security processes and procedures are thoroughly analysed so as to
determine the responsibilities, decision rights, and how each employee contributes to the
implementation of the process, without risking the security of operations.
Coordinate with the senior management on the identification and development of an up-to-date,
entity-wide information assets register.
Ensure that appropriate operational controls are selected and implemented according to the
results of the risk assessment.
Assist and support senior management with their information security responsibilities.
Policies and Procedures:
Develops and monitors the implementation of policies related to information security, in line with government standards and international best practice as applicable.
Manage institution-wide information security governance processes and lead information security liaisons in the establishment of an information security program and project priorities.
Manages the provision of access control to the different systems and databases to authorized
employees, in line with approved policies and procedures.
Provides guidance and advice to end users regarding potential threats and key considerations
for the safe usage of systems and exchange of information.
Lead the development and implementation of effective and responsible policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of security in the Department.
Ensure organization-wide compliance with the information security program/management system and report non-conformance to the information security steering committee.
Assist and support senior management with their information security responsibilities.
Train employees on the Information Security Plan and conduct periodic information security awareness, training and education.
Bachelor’s degree in Computer Science or related field
Master’s degree is preferred
Information security certifications are preferred (CPTC, CPTE, CSTA, CEPT, etc.)
8 – 10 years of relevant experience with at least 5 years in a similar role
Skills and Abilities:
Strategic orientation skills
Problem solving skills
Coaching and mentoring abilities
Speech and writing abilities