Job Description
Responsible for Client information security, involving planning, organizing and coordinating risk management activities such as risk assessment, analysis and treatment. In addition, the security consultant has to apply knowledge and work experience of information security management policies, processes, technologies and systems solutions to protect the confidentiality and integrity of Client, employees and business information in compliance with Client’s Information Security Policy and the ISO 27001 Standard.
1. Actively protect the availability, confidentiality, and integrity of Client, employees, and business information
2. Provide support to customer governance, risk and compliance (GRC) and/or identity and access management assessments, and design strategies incorporating APT threat landscape considerations.
3. Work with other information security team members to develop security architecture and design documents to ensure consistency, accuracy and compliance with the articulated security posture and industry requirements
4. Manage and maintain the overall Information Security Management System (ISMS)
5. Provide and deliver security solutions and consulting services to Carrier and Enterprise customers.
6. Develop security architecture designs (high level & low level)
7. Perform design and implementation security reviews for different parts of custom-built applications.
8. Oversee and coordinate security efforts across the group, including information technology, human resources, communications, legal, facilities management and other groups, to identify security initiatives and standards
9. Develop recommendations for security issues and vulnerabilities identified during assessments
10. Determine the strategic and tactical compensating security controls required to mitigate the threats, risks and vulnerabilities that are identified.
11. Provide ongoing subject matter expert support for the client
12. Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
13. Maintain and execute compliance with regard to ISO 27001 certification
14. Conduct Risk Assessment, identify and evaluate complex business and technology risks, maintain the information security Risk Register and facilitate control selection & implementation for potential security solutions.
15. Oversee and assist in monitoring of the organization's IT systems by assessing risks periodically and conducting current state assessments and gap analysis.
16. Oversee and guide the Security Operations Center (SOC) team
17. Assess the client’s information technology security. Determine its ability to meet the client’s current and future business objectives and strategic direction. Provide comprehensive assessment reports to the client.
18. Manage and Participate in the business service continuity
19. Consult on pressing information security matters and new business requirements
20. Implement programs for user awareness, and deliver user, administrator and management security awareness sessions
21. Design and implement specialized training content and competence/effectiveness assessments in areas of practice.
22. Research, identify and incorporate advanced cyber defense enhancements and new solutions from the field to address security weaknesses and work with relevant stakeholders to implement them
23. Ensure implementation of corrective action and maintain relevant documentation as required by internal & external auditors
24. Evaluate the effectiveness, strengths, weaknesses, opportunities and threats of existing infrastructure and applications.
25. Review change requests for compliance with ITIL & ISO 27001 standards, with regard to the systems, applications and network operations, including infrastructure and security devices
26. Research, analyze and recommend new technology products internally and externally using a Supplier selection framework based on Strategic Placement in the market.
Skills
Bachelor’s Degree in IT, Computer Science or Engineering
At least 3 of the following certificates: CISSP, CISM, CISA, CRISC, CEH, ISO 27001/LA
CCSP Security, CSSLP, TOGAF, ITIL v3, GIAC, SABSA
8+ years of related experience in IT and/or information security
Preferred: 5+ years of professional experience in a Security Office.
Must have strong working knowledge of information technology, including applications, networks and systems.
Knowledge of preparing IT audit reports
Experience in preparing Risk Assessment reports.
Experience in developing Business Continuity Plans.
Experience in Corporate Security strategy and Roadmap
Technical writing skills
Advanced understanding of business processes, internal control risk management, IT controls and related standards
Experience in using MS Office, MS Visio
Experience in project management, problem-solving, training/coaching, presentation skills, and conflict resolution skills.
General knowledge of COBIT, ITIL or other control frameworks
Independent, motivated, and ambitious personality
Excellent Command of English language and Communication Skills
Job Details
Job Location: Abu Dhabi, United Arab Emirates
Company Industry: Information Technology
Company Type: Employer (Public Sector)
Job Role: Information Technology
Employment Type: Full Time
Monthly Salary: $10,000 - $15,000
Number of Vacancies: 1
Preferred Candidate
Career Level: Management
Years of Experience: Min: 8 Max: 15
Residence Location: United Arab Emirates
Gender: Male
Nationality: Jordan; United Arab Emirates; Bahrain; Algeria; Sudan; Somalia; Iraq; Kuwait; Morocco; Saudi Arabia; Yemen; Tunisia; Comoros; Djibouti; Syria; Oman; Palestine; Qatar; Lebanon; Libya; Egypt; Mauritania
Degree: Bachelor's degree / higher diploma
https://www.bayt.com/ar/uae/jobs/information-security-consultant-3888103/