Information Security Compliance Officer

Munawer M 2 days ago 2 Views

NMC

Information Security Compliance Officer Jobs in Abu Dhabi, UAE

 

Job Description

  • Responsible for the planning, development and implementation of cybersecurity policies, procedures, standards, and controls. Leads day to day compliance audits/assessments, governance, and risk management functions to ensure the protection of corporate information systems, networks, and data.

Responsibilities

  • Continuously validate the organization against policies, guidelines, procedures, regulations, and laws to ensure compliance.
  • Develop an annual compliance plan to ensure adequate auditing of compliance to cyber security policies and guidelines.
  • Develop and maintain detailed compliance monitoring mechanisms and frameworks.
  • Execute periodic and ad-hoc compliance checks and cyber risk assessments to ensure that cyber security controls and measures are adherent to the mandated cyber security policies and guidelines.
  • Develop policy compliance reports including required corrective actions and recommendations.
  • Conduct cyber security risk assessments based on current state of adherence to policies and rate of adoption of security controls and mechanisms.
  • Provide remedial actions against non-compliance and collaborate to develop plans to reach a state of compliance.
  • Follow up on the implementation status of defined corrective actions to adhere to policies.
  • Organize policies, standards training, and awareness based the on periodic release of updated regulations or compliance mechanisms as required.
  • Assess the effectiveness of security controls.
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
  • Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
  • Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centres).
  • Ensure compliance with regulatory requirements across the emirates such as ADHICS, Riyathi.
  • Ensure compliance with the standards such as ISO 27001, SOC 2 & PCI DSS.
  • Perform access review of the systems such as VPN, Removable Media, Audit logs, Admin access, Antivirus, PAM Access.
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
  • Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk. • Assure successful implementation and functionality of security requirements and appropriate policies and procedures that are consistent with the organization’s mission and goals.
  • Manage Information Security Business Continuity Plans.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
  • Ensure the security of bio-medical equipment’s.
  • Manage the internal relationship with information technology (IT) process owners supporting the service, assisting with the definition and agreement of Operating Level Agreements (OLAs).
  • Ensure including information security requirements in project management and ensure the protection of data during the project management lifecycle.
  • Develop the strategy, goals, and objectives for the cyber security training, and awareness program.
  • Develop new or identify existing awareness and training materials that are appropriate for intended audiences.
  • Evaluate the effectiveness and comprehensiveness of existing training and awareness programs.

Qualifications

  • Bachelor’s degree in computer science/engineering, information security, software engineering, systems engineering, Electronics & Communication Engineering, or information systems.
  • Lead Auditor/Implementer ISO 27001
  • Lead Auditor/Implementer ISO 22301
  • Certified Information Security Manger (CISM)
  • Certified Information Security Auditor (CISA)
  • Certified Risk and Information Systems Control (CRISC)
  • Certified Information Systems Security Professional (CISSP)
  • GRC Professional (GRCP) • Certified Governance of Enterprise IT (CGEIT)

To apply for this job please visit eiby.fa.em2.oraclecloud.com.

About Munawer M

Munawer is a seasoned recruiter, career blogger, and job consultant specializing in the dynamic job markets of Dubai, Abu Dhabi, Sharjah, and across the UAE. With a deep understanding of local employment trends and industry demands, he regularly shares valuable insights through his career-focused articles, helping job seekers stay ahead in an ever-evolving market. Munawer’s personalized recruitment and consulting services empower individuals to enhance their skills, navigate the competitive UAE job landscape, and secure roles that align with their career aspirations. He is dedicated to connecting talent with the right opportunities in the region’s thriving economy.

walk in interview in dubai

Search and Apply for More Jobs

DMCA.com Protection Status
Copyright © 2024. Fresh Gulf Job. All rights reserved.
Join Group Join Channel telegram