Senior Information Security Officer

About the job

Requirements:

  • Bachelor's Degree in Computer Science, Computer Engineering, Information Security or related fields. Advanced degree preferred.
  • Proven track record of 5+ years in Information Security, preferably in the FinTech/E-commerce industry.
  • Certifications such as CISA/CISM or ISO 27001 Lead Implementer would be a plus.
  • Strong knowledge of information security management frameworks (e.g., ISO/IEC 27001, NIST, SOC-2).
  • Solid experience in implementing and monitoring security protocols in AWS Cloud, CRM, ERP and Web Applications.
  • In-depth understanding of network and application security, including threat intelligence, vulnerability management, and security monitoring.
  • Excellent leadership and communication skills.
  • Strong problem-solving and analytical abilities.
  • Ability to manage and prioritise multiple projects.

Responsibilities:

Leadership and Strategy Development:

  • Develop, implement, and maintain a comprehensive information security strategy for the company.
  • Ensure the strategy is aligned with business objectives and complies with regulatory requirements, especially those of the UAE and KSA regions.

Risk Management:

  • Identify, evaluate, and report on information security risks in a manner that meets compliance and applicable regulatory requirements.
  • Develop and implement risk management frameworks and methodologies that are aligned with the company's business objectives.

Policy and Governance:

  • Establish and maintain an information security governance framework.
  • Develop, implement, and enforce information security policies, procedures, and standards in coordination with other relevant stakeholders.

Incident Management:

  • Lead the response to security incidents and breaches, ensuring effective containment, investigation, and resolution.
  • Conduct post-incident analysis to identify root causes and improve future response efforts.

Compliance and Audit:

  • Ensure compliance with relevant legal, regulatory, and contractual requirements of the company.
  • Coordinate security audits and assessments, and address audit findings in collaboration with other teams.

Security Operations:

  • Oversee the management and operation, performed by other IT teams, of security technologies such as firewalls, intrusion detection/prevention systems, and endpoint protection.
  • Ensure the continuous monitoring of security threats and vulnerabilities.

Awareness and Training:

  • Develop and implement a security awareness and training program for employees.
  • Promote a culture of security awareness across the organisation.

Collaboration:

  • Work closely with other distributed IT teams including Software Development, Architecture, Data Protection, Operations, etc.
  • Collaborate effectively with cross-functional teams including Finance & Analytics, Operations, Products, etc. to integrate security into all aspects of the organisation's operations.

Vendor Management:

  • Evaluate and manage relationships with security vendors and service providers.
  • Ensure third-party compliance with security standards and policies.