- Acts as advisor to upper management in Cybersecurity matters. Provides guidance to Cybersecurity architects in the design and development of security solutions
- Directs security solutions and technical assurance in alignment with business risk and regulatory requirements
- Works closely with management to define and promote the strategic direction of the team. Develops cyber solutions, internal processes and standards for threat intelligence workflow
- Articulates defensive security measures, define new security requirements and develop mitigation techniques to maximize protection and preservation of the Brand
- Advises leadership on the entire range of risk matters facing the department and ensures the mitigation of operational risk. Ensures compliance to audit, regulatory and legal requirements
- Designs metrics models and develops advanced capabilities to ensure confidentiality, integrity, availability, authentication and non-repudiation. Develops unique cybersecurity performance and risk indicators to maintain constant awareness of status of the highly dynamic operating environment
- Mentor and provide leadership to the team ensuring assessments products are risk-based, accurate and meet the enterprise governance / service level agreement requirements.
- Provide expert level guidance and coaching for complex vendor assessments managing the risk appropriately.
- Demonstrate strong understanding of Third Party Risk Management (TPRM) program and associated governance oversight including Issues management.
- Continuously partner to enhance the TPRM Subject Matter Expert (SME) program to perform comprehensive security assessments of third-party vendors to identify risks and vulnerabilities.
- Report the SME program Key Risk Indicator metrics to senior management.
- Demonstrate ability to analyze ISO 27001, SOC 2, SIG, and familiarity with security frameworks such as NIST 800-53, CSF, financial services related regulatory guidance / laws such as GLBA, FFIEC and international regulations such as GDPR.
- Collaborate closely with key stakeholders including internal business partners, second line, auditors, risk officers and vendors as the lead subject matter expert.
- Manage the life cycle of cyber findings / Issues and liaison with stakeholders for permanent remediation.
- Assist in the review and maintenance of TPRM governance Standard documentation related to the program.
- Liaison with Business Information Security Office (BISO) team to optimize workload delivery.
- Actively monitor and escalate risk and customer-impacting issues within the day-to-day role of management.
- Demonstrate excellent value-added communication and technical writing skills.
- Advance knowledge / seek training in the field of information security management including the emerging threat actors' techniques, tactics, and procedures (TTP).
- Be a frequent value-added in forums and achieve team commitments (and influence the team do the same leading by example) by using informal leadership & advanced communication skills.
- Communicate effectively and promptly every day and lead vendor risk discussions at Discover. Conduct oversight on program impacting decisions. Guide team to achieve key results for the assigned security assessment tasks.
- Bachelors – Computer Science, Information Security, Business or Analytics or related
- 8+ Years – Information Security, Cybersecurity, Computer Science, Data Analytics or related
- In lieu of a degree, a minimum of 10+ Years of experience in Information Security, Cybersecurity, Computer Science, Data Analytics or related
- 6+ years in core third party vendor risk management focused on assessment of information security controls, at least 2 years in a leadership role.
- Principles of enterprise risk management lifecycle.
- Familiarity with Incident Response, penetration testing principles, Common Vulnerability Scoring System (CVSS), and MITRE
- GIAC, CISSP or CISM certifications.
- Knowledge of Business Continuity Planning (BCP) / Resiliency principles.
- Familiarity with industry cybersecurity frameworks / standards such as NIST 800-53, PCI-DSS and CSA.
- Notable experience in assessment of technological information security threats and controls and risk tiering based on a risk management framework.
- Understanding of Agile methodology.
-
Expert Vulnerability Analyst
4 days ago
Energy Jobline Dubai, United Arab EmiratesResponsibilities · Acts as advisor to upper managementin Cybersecurity matters. Provides guidance to Cybersecurityarchitects in the design and development of securitysolutions · Directs security solutions andtechnical assurance in alignment with business risk and regulatoryrequir ...
-
Security Analyst
1 day ago
JBS Best Security Services Dubai, United Arab EmiratesWe are looking for a meticulous and detail-oriented security analyst to be responsible for monitoring the security systems in our organization. The security analyst's responsibilities include securing our online and on-premises infrastructures, filtering out suspicious activity, ...
-
SOC Analyst
17 hours ago
Dexiconn Dubai, United Arab EmiratesMonitor security alerts and events using SIEM tools under the guidance of senior analysts. · - Conduct preliminary analysis of security incidents to assess severity and escalate as necessary. · - Assist in investigating and responding to security incidents, following established ...
-
Security Risk Manager
1 day ago
Pinkerton Consulting & Investigations, Inc Dubai, United Arab EmiratesSecurity Risk Manager · We are as invested in your career as you are. · As you navigate through these uncertain times, know that Pinkerton has been a stable, thriving corporation for over 170 years. As recognized leaders around the globe in the corporate risk management industry, ...
-
Risk Manager
17 hours ago
Pinkerton Consulting & Investigations, Inc Dubai, United Arab EmiratesRisk Manager · We are as invested in your career as you are. · As you navigate through these uncertain times, know that Pinkerton has been a stable, thriving corporation for over 170 years. As recognized leaders around the globe in the corporate risk management industry, you can ...
-
Information Security Analyst
17 hours ago
Gulftainer Sharjah, United Arab EmiratesExperience:_ 5 - 8 yrs. · - Education:_Bachelor of Technology/Engineering, Bachelor of Science · - Nationality:_ Any Nationality · - Industry Type:_Shipping / Freight · - Functional Area:_System Administration / Network Administration / Security (IT Software) May 6,2024 · - Conti ...
-
Security Analyst
1 day ago
Information System Associates Sharjah, United Arab EmiratesSecurity Engineer · Key responsibilities of a Security Engineer · 1.Plans and directs the implementation and testing of security systems concept and architecture, and prepares security standards, policies, and procedures. · 2. Implements cloud-based security for ISA products like ...
-
Cyber Security Risk Analyst
5 days ago
ARENGY Dubai, United Arab EmiratesARENGY is an IT-Digital and Engineering Consulting Company operating in the Middle East from Dubai. Our customers are the most successful industry leaders executing projects around the globe. We are partnering with one of the leading Railway System Company in Dubai. We are lookin ...
-
Cyber Security Analyst-IT
1 day ago
Careers International Dubai, United Arab EmiratesPosition Overview: The Cyber Security Analyst plays a critical role in safeguarding the digital assets and information of a FastMoving Consumer Goods (FMCG) company from cyber threats and attacks. This position involves monitoring analyzing and responding to security incidents im ...
-
Cyber Security Analyst-IT
1 day ago
Careers International Dubai, United Arab EmiratesPositionOverview: The Cyber Security Analyst plays a criticalrole in safeguarding the digital assets and information of aFastMoving Consumer Goods (FMCG) company from cyber threats andattacks. This position involves monitoring analyzing and respondingto security incidents impleme ...
-
SOC Manager
5 days ago
Halian uae Dubai, United Arab EmiratesManage and lead a team of security analysts and SOC personnel. · Oversee the day-to-day operations of the SOC, including monitoring, analysis, incident response, and reporting. · Develop, implement, and maintain SOC policies, processes, and procedures to ensure effective security ...
-
Splunk Engineer
17 hours ago
K20S Kinetic Technologies Private Limited Dubai, United Arab Emirates*Job Description: Splunk Certified Forensic Analyst* · *Position:* Splunk Certified Forensic Analyst · *Location:* Dubai · *Company:* Cyber Security · *About Us:*Cyber Security & MSSP · *Job Description:* · We are seeking a highly skilled Splunk Certified Forensic Analyst to join ...
-
Splunk Engineer
21 hours ago
K20S Kinetic Technologies Private Limited Dubai, United Arab Emirates*Job Description: Splunk Certified ForensicAnalyst* · *Position:*Splunk Certified ForensicAnalyst · *Location:*Dubai · *Company:*CyberSecurity · *AboutUs:*Cyber Security &MSSP · *JobDescription:* · Weare seeking a highly skilled Splunk Certified Forensic Analyst tojoin our team. ...
-
Commercial Manager
2 days ago
Al Marwan Group Holding Dubai, United Arab EmiratesJob Title:IT Cyber SecurityDirector · Location: Cleveland, OH (100% onsite) · The Director of CyberSecurity will be responsible for anenterprise cybersecurity and IT risk managementYou will provide the leadership necessary to manage the risk to theorganization and will ensure bus ...
-
Commercial Manager
2 days ago
Al Marwan Group Holding Dubai, United Arab EmiratesJob Title: IT Cyber Security Director · Location: Cleveland, OH ( 100% onsite) · The Director of Cyber Security will be responsible for an enterprise cybersecurity and IT risk management You will provide the leadership necessary to manage the risk to the organization and will en ...
-
Cloud Engineer
2 days ago
Dautom Dubai, United Arab EmiratesClient Introduction: · In this role you will have the opportunity to work closely with one of our esteemed clients. This client is a global leader in the Real Estate industry known for its commitment to quality and innovation. They have chosen Dautom as their trusted partner for ...
-
PE Teacher
17 hours ago
Deira International School Dubai, United Arab EmiratesOur client, Virga Labs, is adding a Head of Service to lead their client services ; This is an opportunity to manage a service portfolio that includes clients who are working on solving for some of our most difficult societal challenges around water resources, climate, and the Co ...
-
Cloud Engineer
13 hours ago
Dautom Dubai, United Arab EmiratesClient Introduction: · In this role, you will have the opportunity to work closely with one of our esteemed clients. This client is a global leader in the Real Estate industry, known for its commitment to quality and innovation. They have chosen Dautom as their trusted partner fo ...
Expert Vulnerability Analyst - Dubai, United Arab Emirates - Energy Jobline
Description
Responsibilities
Minimum Qualifications
At a minimum, here's what we need from you:
Internal applicants only: technical proficiency rating of expert on the Dreyfus cybersecurity scale
Qualifications
If we had our say, we'd also look for: