IT Security and Compliance Officer

Company Description

Who we are

B&S is a company in the consumer goods industry with a very strong global network. We provide unmatched reach in the field of consumer goods, connecting suppliers and consumers all over the world.

Job Description

The security compliance officer's role is to ensure the secure operation of the B&S information assets in accordance with our internal processes, procedures, and compliance requirements as per the relevant ISO standards, regulatory frameworks applicable to B&S and industry best practices.

Key Responsibilities

• Oversee and improve the information security programs, including data protection, risk management, compliance, and information security testing.
• Establish information security audit policies and procedures relevant to CMMC, SOC2, ISO 27001, ISO 22301, ISO 38500, PCI-DSS.
• Develop, implement, and maintain internal ITSC audit policies and procedures in accordance with local and international best practices.
• Conduct scheduled audits on information assets and processes as required in order to maintain certifications and compliance certificates.
• Evaluate compliance of B&S processes, procedures, systems, and applications against the requirements of ISO 27001, ISO 22301, ISO 38500, PCI-DSS, CMMC, and industry best practices.
• Monitor advancements in information security and privacy laws to ensure organizational adaptation and compliance.
• Prepare audit reports required for senior management, regulators, and other relevant stakeholders.
• Assist with initiatives relevant to compliance certification and regulatory bodies.
• Review all new products, systems, or processes to ensure compliance against required standards, frameworks, and best practices.
• Deploy, manage, and maintain security audit platforms.
• Collaborate with the IT Risk & Threat Analyst and Cybersecurity Analyst to ensure threats and vulnerabilities are promptly identified and communicated to relevant business stakeholders for remediation.

Key Deliverables

• Develop internal audit policies and procedures in accordance with local and international best practices
• Conduct internal audits as per the internal ITSC audit schedule and framework
• Evaluate compliance of B&S processes, procedures, systems and applications against the requirements of B&S' certification initiatives
• Deliver audit reports/findings and status of the remediation of audit findings to stakeholders
• Propose continuous service improvements based on audit findings

Qualifications

• Bachelor's degree in Computer, with IT audit or compliance experience
• 5+ years of IT experience with a focus on security and compliance
• Knowledge and understanding of ISO 27k, PCIDSS, GDPR, NIST, ISO Certifications and SOC-2 information security standards and/or frameworks
• Experience writing policies, procedures, and controls in one or more standards/frameworks
• Knowledge of computer networking concepts and protocols and network security methodologies
• Knowledge of risk management processes, cyber threats and vulnerabilities
• Experience with risk management in both a compliance and security context
• Ability to work in a fast-paced environment and the skills to deal with ambiguity
• Ability to handle multiple competing priorities
• High-level of attention to detail and be a self-starter with the ability to work independently, multi- task, and adjust to shifting priorities
• Professional information security certifications like ISO 27001, CISA, CISM, or other relevant security-related designations would be an advantage

Additional Information

We offer you

• Competitive salary fitting with your experience, along with discretionary annual performance-based bonus  
• Company sponsored visa along with health insurance 
• Leave benefits as per UAE labour law  
• Annual return air-ticket to your home country 
• Opportunity for professional growth and development
• Dynamic and collaborative work environment 
• Being a part of leading International trading company with global presence