Information Security Administrator Techmantra Gulf DMCC

The Information Security Administrator will be responsible for managing and maintaining the organization’s security infrastructure, monitoring, and responding to security incidents, and ensuring compliance with regulatory standards (ISO 27001:2022, ADHICS, IA Standard – UAE). This role involves proactive threat management, vulnerability remediation, conducting Security reviews on various environments / application, participate in security analysis and design, and supporting business continuity and risk management initiatives.

Key Responsibilities

1. Security Operations & Incident Management

• Act as the primary liaison with the MSSP SOC provider for continuous monitoring and analysis of security alerts from SIEM and other security tools.
• Investigate, triage, and respond to security incidents, ensuring timely containment, eradication, and recovery.
• Implement and enforce security controls to block Indicators of Compromise (IOCs) and mitigate threats across infrastructure and applications.
• Maintain detailed incident documentation and ensure compliance with audit requirements.

2. Vulnerability & Threat Management

• Perform regular vulnerability assessments and coordinate remediation with relevant teams.
• Track and report on vulnerability closure status and escalate delays to management.
• Ensure timely patching and configuration hardening across servers, endpoints, and network devices.

3. Security Infrastructure Administration

• Managing security tools such as SIEM, EDR/XDR, WAF, IDS/IPS, Proxy, NAC, Microsoft E5 Security suite with support of various vendors / internal IT team members
• Managing CyberArk PAM Solution independently (knowledge of any PAM solution is desirable) – Support available from vendor.
• Optimize security configurations and ensure integration with monitoring and alerting systems.
• Support deployment and tuning of SOAR workflows for automated incident response.

4. Compliance & Governance

• Ensure adherence to regulatory and industry standards (ISO 27001, ADHICS, IA Standard).
• Assist in internal and external audits, providing evidence and remediation plans.
• Maintain and update security policies, SOPs, and guidelines.
• Understanding of GRC practices
• Should be able to participate in drafting policies, guidelines, and SOPs.
• Should be able to conduct GAP Assessments

5. Reporting & Metrics

• Prepare weekly and monthly security dashboards, vulnerability metrics, and incident KPIs for management review.
• Develop Power BI or similar dashboards for real-time visibility of security posture.

6. Business Continuity & Risk Management

• Support the implementation of the Business Continuity Program, including BCP drills, table-top exercises, and staff training.

Assist in conducting Information Security Risk Assessments and implementing mitigation plans