Information Security Professional Senior - UAE National - Injazat Data Systems ~ UAE LABOURS

Information Security Management

Create and maintain Statement of Applicability to determine, document and establish controls of information security required as per ISO 27001 standard for enterprise Injazat.
Document information security policies, processes and procedures by assigning ownership, mapping controls to key business areas and objectives and manage the policy development life cycle process by handling policy exceptions.
Recommends and influences new or existing information security processes, procedures and methodologies.
Responsible to maintain and protect the confidentiality, integrity and availability (CIA)
quotient by evaluating people, process, tools and technologies required for an enterprise’s
mission critical assets.
Determines strategic and tactical compensating security controls that are required to
mitigate the threats, risks and vulnerabilities that are identified.
Assists in managing and maintaining Injazat Enterprise Business Continuity Management
program.
Oversee and assist in monitoring of the organisation IT systems by assessing risks
periodically, conducting current statement assessments and gap analysis.

Governance, Risk and Compliance

Apply clear, accurate controls per compliance requirements and internal controls in order to communicate better and report on compliance obligations thereby proactively manage the regulatory, framework and standard changes across the business.
Maintain and manage the Risk Management framework that establishes structure and
accountability for risks, threats, issues and vulnerabilities with remediation and mitigation plans.
Reduce the risk of security threats, poor or misaligned security practices and operational
security compliance failures.
Develop and maintain a consolidated catalogue that demonstrates the compliance quotient for all applicable standards and frameworks like ISO and local regulations like Mubadala, NESA, ADSIC and NCEMA

Assessments, Audits and Certifications

Responsible for periodic, timely risk assessment and treatment of Information security systems and sub-systems to determine compliance with defined policies or standards.
Conducts benchmark exercises by comparing, measuring and documenting the differences between requirements, specifications, frameworks or standards and present practice.
Documents and/or reports compliance review results and follows up to ensure preventive
and corrective action is taken.
Initiate vulnerability assessments periodically as a proactive approach by identifying
potential risks and ensure the resolution with the respective business units.
Conducts high level gap analysis to gauge information security outlook of business units and enterprise environment.
Ensure compliance through adequate training and awareness programs and periodic internal
audits.

Consulting and Professional services

Assesses client's information technology security. Determines its ability to meet the client's current and future business objectives and strategic direction. Provide a comprehensive assessment reports to the client.
Engages with client to assess information security requirements, align to available service offerings or identify re-use opportunities.
Identifies and documents where the business requirements match standard offerings,
deviations from standard offerings or where existing client specific solutions can be re–used.
Provides solution consulting to clients, Injazat delivery groups and /or other team members
Evaluates the effectiveness, strengths, weaknesses, opportunities and threats of existing infrastructure and applications.
Facilitates clients with current statement assessments, gap analysis and implementing
controls required for ISO 27001, ISO 22301 certifications and local standards like Mubadala, NESA, NCEMA and ADSIC.

Job Details

Posted Date:	2018-10-04
Job Location:	Abu Dhabi, United Arab Emirates
Job Role:	Information Technology
Company Industry:	Information Technology

from Jobs in UAE | Bayt.com https://ift.tt/2Pabj7j