Your Message could not be sent.

Your message has been sent

IT Security Specialist in Dubai - United Arab Emirates

Experience: 10 - 15 yrs. | Opening: 1
Education:Basic - Bachelor of Science(Computers), Bachelor of Technology/Engineering(Computers)
Nationality: Any Nationality
Industry Type: General Trading / Export / Import
Other Benefits:Family Medical Insurance & tickets, Paid Annual Leaves, Kids Education Allowance
Functional Area:System Administration / Network Administration / Security (IT Software) Sep 9, 2019


Job Description

Job Role & Purpose:
• Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
• Investigates major breaches of security, and recommends appropriate control improvements. Contributes to development of information security policy, standards and guidelines. Applies and maintains specific security controls as required by organisational policy and local risk assessments. Investigates suspected attacks and manages security incidents. Uses forensics where appropriate. Acting as single point of contact for security related program for internal and external stake holders.

Main Responsibilities:
IT/Information Security Strategy
• Work with Group IT Infrastructure Head to contribute in developing IT/Information Security strategy and roadmap for the business, aligned with the business strategic goals and the business operating model.
• Contribute to security strategy and architecture by identifying gaps, evaluating, recommending and implementing solutions.
• Support the implementation of the IT/Information Security strategy aligned to business strategic priorities

Information Security Program
• Identifying, Developing, and maintaining information security policies, procedures and guidelines to meet the current needs and based on ISO 27000 standard.
• Assist IT business units in identifying the vital business functions, assessing the CIA aspects and recommending necessary controls, preparing cost/budget.
• Identifying and documenting the industry standard compliance requirements ex: PCI-DSS, Data Protection etc. and bring into the attention of management along with possible recommendation of controls.
• Assist IT management in performing audit on information security policy & procedure compliance/ assurance.
• Improving security posture by performing or facilitating vulnerability analysis, identifying issues and coordinating to implement controls, policies and procedures. Mentoring IT team members, answering technical and procedural queries from various state holders.
• Working with technical teams, business units, project teams including vendors to ensure security standards, policies and procedures are integrated into their design and processes.
• Participate in preparing business cases, solution evaluation and selection, RFP preparation, budgeting etc. to in a security consulting role to ensure the security aspects are integrated or taken care.
• Leads suitable information security awareness, training & educational activities.

IT Security Operations
• Acting as SPOC for all security related initiatives for internal and external stake holders.
• Monitoring and analysing security alerts, logs and distributing information to security, technical and business unit management personnel on defined need basis.
• Monitoring and reviewing the logs, status of controls implemented for availability and continuity of critical assets (ex: backup and replications, Backup, HA DR logs, tests and drills etc.) in coordination with the respective technical teams. Providing periodic updates/reports and escalations to management as defined for any exceptions identified.
• Monitoring Security Incident & Event Management once implemented and initiating necessary actions, escalations based on identified patterns of malicious activity.
• Collect information and report on measures, KPIs, CSFs and KRIs related to Information/IT Security management as defined by management.

Security Incident Management
• Maintaining and developing security incident response plan, incident models and perform awareness and training for the people handling the security incidents at various levels.
• Incident handling at the primary level following the developed and approved incident handling models. Develop new incident models on need basis and submit to management review and approval.
• Performing initial assessment for breaches, collecting the forensics and recommending procedures for containment of breach without compromising collection of evidence wherever possible along with preparation of incident reports. Further evaluate, recommend and assist in implementation of approved security controls, tools and solutions based on incidents and oversight.


Desired Candidate Profile

Education:
Degree in Computer Science/IT/Engineering/Science; Certified in CEH, CISSP, CISA and ISO 27000.
ITIL / ISO2000 knowledge desirable.

Minimum Experience and Knowledge:
Around 10 years IT Experience, with minimum 3-5 years IT Security Specialist / Information Security Analyst roles.

Job-Specific Skills:
Broad knowledge working on administration of IT Infrastructure, Network & Applications. Exposure in Configuration & Administration of Security Technologies like SIEM, Access Control, Privileged Identity Management Solution, Analysing Next Generation Firewall & Web Application for anomalies, Vulnerability assessment and remediation in close coordination with IT Business units.

Strong Communication skill, Analytical skill, Technical & Business Writing Skill.
Project Management experience & skills highly desirable.


Keyword: IT Security, Information Security, IT Security Specialist, Information Security Management, IT Security Management
Apply Now
    show more jobs
    "