أرسل لي وظائف مثل هذه
الخبرة
8 - 14 سنوات
موقع العمل
التعليم
بكالوريوس في تطبيق الحاسوب(أجهزة الكمبيوتر)
الجنسية
أي جنسية
جنس
غير مذكور
عدد الشواغر
1 عدد الشواغر
الوصف الوظيفي
الأدوار والمسؤوليات
Key Responsibilities
Governance, Policy & ISMS
- Responsible for overseeing the execution of the GRC program in collaboration with the executive team as well as maintaining the group s library of security controls.
- Lead the implementation, maintenance, and continuous improvement of the Group ISMS aligned with ISO/IEC 27001 standards.
- Develop, update, implement, and maintain information security policies, standards, and procedures.
- Ensure consistent implementation of information security governance across the group.
- Develop goals for data privacy based on legal regulations and other compliance needs, designs and implement privacy policies and practices, and assess these practices for effectiveness.
- Update security controls and provide support to all stakeholders on security controls covering internal assessments, laws, and regulations.
PCI DSS Compliance
- Manage the organization s PCI DSS compliance program, including scope definition, risk assessments, and coordination with Qualified Security Assessors (QSAs).
- Track remediation activities and ensure continuous compliance with PCI DSS requirements.
CBUAE Regulatory Compliance
- Ensure compliance with UAE Central Bank (CBUAE) information security and risk management regulations.
- Monitor regulatory updates and assess their impact on the organization.
Risk Management
- Identify, assess, evaluate, and mitigate IT Security risks by conducting information security risk assessments and maintain centralized risk registers.
- Track risk mitigation actions and report the security risk posture to management.
Audit & Compliance Management
- Ensure compliance with legal, regulatory, and contractual requirements.
- Coordinate internal audits, external certification audits, and regulatory assessments (ISO 27001, ISO 27005, NIST, PCI DSS, etc.).
- Track audit findings and ensure timely remediation and closure.
Security Awareness & Training
- Oversee organization-wide security awareness and compliance training programs.
الملف الشخصي المطلوب للمرشحين
Bachelor s degree in:
- Engineering
- Information Security
- Computer Science
- IT Risk Management or a related discipline.
Experience & Skills
8 12 years of experience in Cybersecurity, Information Security Governance, Risk Management and Compliance Audit.
Deep understanding of frameworks like ISO 27001, PCI-DSS, DESC ISR, etc.
Preferred Certifications
- CISSP
- CISM
- CISA
- CRISC
- ISO 27001 Lead Implementer / Lead Auditor
القطاع المهني للشركة
المجال الوظيفي / القسم
الكلمات الرئيسية
- Information Security Risk & Compliance Manager
تنويه: نوكري غلف هو مجرد منصة لجمع الباحثين عن عمل وأصحاب العمل معا. وينصح المتقدمون بالبحث في حسن نية صاحب العمل المحتمل بشكل مستقل. نحن لا نؤيد أي طلبات لدفع الأموال وننصح بشدة ضد تبادل المعلومات الشخصية أو المصرفية ذات الصلة. نوصي أيضا زيارة نصائح أمنية للمزيد من المعلومات. إذا كنت تشك في أي احتيال أو سوء تصرف ، راسلنا عبر البريد الإلكتروني abuse@naukrigulf.com