Information Security Management System Resource - Dubai, United Arab Emirates - Virtua Advanced Solution

Virtua Advanced Solution
Virtua Advanced Solution
Verified Company
Dubai, United Arab Emirates

1 week ago

Ahmed Al-Mansouri

Posted by:

Ahmed Al-Mansouri

beBee Recruiter
Description
Company Description


Trans Skills is a trusted advisor to many of the Middle East's most respected organizations and a leading Human Resources Services Firm with an International Network active in 55 countries.

Our clients range from the largest corporations to emerging growth companies and government bodies. We work at the highest levels of leadership to create tangible and enduring business impact.


Our core services include:

  • Multicountry Payroll Outsource covering META
  • Multicountry Single SaaS Platform
  • Executive Search and Specialized Recruitment Services
  • Manpower Outsourcing (EOR/PEO)
  • HR Digital Transformation
  • Psychometric Assessment, Gamified Learning, Coaching and Performance Management

Job Description:


  • Have good understanding in ISMS - ISO 27001, ISO 22301:2019, ISO/

IEC :
2018 / ISR


  • Good Understanding of ITIL process i.e. Incident, Change, Request and problem Management.
  • Hands on experience in ISMS implementation, management and Security Incident handling.
  • Experience in conducting Problem Management, RCA.
  • Ability to handle critical issues/problems.
  • Good documentation skills.
  • Strong analytical and troubleshooting skills.
  • Knowledge on Application Security, Database Security and Risk management.
  • Gap assessment of ISMS and Business Continuity Management for ISR.
  • Implementation of ISR and ISMS across DUBAI SOUTH.
  • Risk management and risk review.
  • ISMS Maintenance.
  • Policies and procedure creation, review and updates.
  • Framework creation and implementation.
  • Internal audit scheduling and continual improvement.
  • External audit support and prepare CAPA.

Qualifications:


  • Bachelor's Degree, Engineering, or related degree required.
  • Fluency in English is a must.
  • Industrial certifications.
  • A minimum of ten years of IT experience, with five years in information security.
  • Gap assessment of ISMS, Risk management, risk review, ISMS Maintenance.
  • CV of the resources.
  • Experience certificate of the resources.
  • Detailed information about the similar projects involved in the past.
  • Training certificates.
Additional Information

  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
  • Manage the enterprise's information security organization, consisting of direct reports and indirect reports (such as individuals in business continuity and IT operations). This includes hiring, training, staff development, performance management and annual performance reviews.
  • Develop, maintain and publish uptodate information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
  • Create, communicate and implement a riskbased process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
  • Create and manage information security and risk management awareness training programs for all employees, contractors, and approved system users.
  • Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
  • Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
  • Coordinate information security and risk management projects with resources from the IT organization and business unit teams.
  • Ensure that security programs comply with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  • Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
  • Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that businesscritical services are recovered in the event of a security event. Provide direction, support and inhouse consulting in these areas.
  • Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
  • Manage security issues and incidents and participate in problem and change management forums. Ensuring timely reporting and adequate participation in investigation for ICT security incidents, with DS ISSC and / or Law Enforcement agencies as applicable.
  • Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation.
  • Work with the
More jobs from Virtua Advanced Solution
See all jobs of Virtua Advanced Solution