Manager, IT Security & Compliance - Emirati Talent

Key Accountabilities:

• Develop and maintain comprehensive IT security strategies that meet regulatory requirements and industry best practices.
• Develop and implement IT resiliency programs, including Cyber recovery planning, business continuity management, and align with cyber resiliency program.
• Lead incident response efforts to manage and mitigate the impact of security breaches and cyber incidents.
• Conduct post-incident reviews and create lessons learned reports to improve future security practices and incident handling procedures.
• Coordinate with IT teams and third-party vendors to resolve security incidents quickly and effectively.
• Perform regular risk assessments to identify, evaluate, and mitigate potential threats and vulnerabilities.
• Lead the vulnerability mitigation activities within the SLAs. 
• Develop and implement risk management strategies to minimize potential impacts on business operations.
• Develop and implement IT compliance programs, including risk assessments, controls, audits, training, and reporting.
• Oversee the implementation and management of security tools and security agents compliance
• Collaborate with other IT managers and departmental leaders to ensure that IT security, resiliency, and compliance programs are integrated into overall IT processes and service delivery.
• Provide regular reports on IT security and compliance status, vulnerability management, risks, and audit findings to the Director and EDGE Leadership.
• Maintain comprehensive documentation related to security and compliance policies, procedures, audits, and incident reports.
• Develop and maintain relationships with external stakeholders, such as regulatory bodies, auditors, and vendors.
• Stay up to date with emerging trends and regulations in IT security, resiliency, and compliance, and provide recommendations for improvements.

Experience:

• UAE nationals: Minimum of 10 years of experience in IT Security, Resilience and Compliance
• Expatriates: Minimum 10 years of experience in IT Security, Resilience and Compliance

Education:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Relevant professional certification (E.g CISSP, CISM, GSLC) 

Key Skills:

• In-depth understanding of cybersecurity principles, threats, vulnerabilities, and risk management
• Expertise in Network, Systems, Host and cloud Security
• Excellent understanding of IT governance, risk management, and control frameworks
• Knowledge of relevant IT regulations and standards such as GDPR, ISO 27001, NIST,CIS
• Skills in developing, implementing, and managing incident response plans