Associate Manager IT APOC

JOB PURPOSE

To Manage Information Security activities and ITSM processes related to Airport IT Operations. To ensure Security, Quality and Compliance of Systems, Services , Processes . To ensure IT Process Alignment with Business and Stakeholder Requirements

To manage Information Security activities and Information Technology Services processes governance relating to IT Operations to ensure confidentiality, integrity and availability of systems, services and associated information are in tune with business and stakeholders needs and adhering to   regulatory & statutory requirements

ORGANISATION CHART

KEY ACCOUNTABILITIES

Reducing  gap between current state and desired state   to acceptable risks.
Roll out corporate Initiatives as per corporate guidelines
Propose, Review and Recommend  cost-effective solutions
Asset Classification
Business Impact Assesments
Threat and Vulnerability evalautions
Risk Assesment and Risk Management
Evaluate information security controls and countermeasures
Integrate risk, threat and vulnerability identification and management into information management life cycle
Identify and evaluate information security technologies, emerging trends
Align information security architectures with changing business needs
Develop information security standards, procedures and guidelines implement and communicate information security policies, standards, procedures and guidelines
Design controls and review  controls effectiveness

KEY ACCOUNTABILITIES - Additional Details

EXTERNAL INTERACTIONS

External - Roles  you need to interact with outside the organization to enable success in your day to day work Concessionaires/Regulatory Agencies /Airlines: Information Security Approvals for new service requests. Non-disclosure Agreements MDI Acceptance and awareness on Information Security Policy Regulatory and Legal Compliance Data privacy and Protections Incidents/Breaches Quality assurance
•Vendors Information Security Policy Compliance Physical and Environmental controls in use of facilities Review of Incidents/ Breaches Regulatory and Legal compliance Contracts and Procurement Info security guidelines Upgrades / Releases/Patches Security Bulletins Awareness and Training Vulnerability and Security Assessment tailored to business needs SLA Reviews Audits Event and log correlation Quality Assurance
•Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance
•Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance
•OEMs (UFIS, RESA, IER, SAFEGATE, BOSE, SIEMENS COMMUNICATION, SITA) : Performance Review SLA review Incidents and Problem review Legal and Regulatory compliance Security Policy compliance Quality Assurance
 

 

INTERNAL INTERACTIONS

Internal - Roles you need to interact with inside the organization to enable success in your day to day work Business units Aligning Business Requirements with security policy Awareness Programs Compliance and Regulatory Requirements Contractual requirements Human Resources Pre entry, entry and exit Physical and Environmental Requirements Business Continuity Tests Access Controls Quality Assurance
Joint Venture Partners (HMACPL, HDFRL, NOVOTEL, FUEL FARM) : Security policy alignment with business requirements Security Awareness Regulatory and Legal compliance SLA Reviews Quality Assurance 
GHIAL employees Policy awareness Policies compliance Trainings Incident Reporting and Management Quality Assurance
DIAL IT & Corporate IT: Share best practices
CISO: Ensure corporate requirements are rolled out to business unit-GHIAL Review technological and business unit security requirements Quality Assurance
 

 

FINANCIAL DIMENSIONS

•OPEX AOP SIEM Log monitoring and Compliance
•Cost optimization and Revenue maximizations assurance activities
 

OTHER DIMENSIONS

•Team size: 1
•Customers : 130
•End users : 1000+ (staff across HIAL, GADL & Other companies inside the campus using IT services)

EDUCATION QUALIFICATIONS

•Required B.E (Computers / Electronics /IT)
•Required Postgraduate in computer/ IT
•Required CRISC (Certified in Risk and Information Systems Control) / or CISA/ or CISM
•Desirable MBA

RELEVANT EXPERIENCE

   Minimum 9-11 Years in IT with at least 8 Years in Information security, quality and assurance functions

COMPETENCIES

• Personal Effectiveness
• Social Awareness
• Entrepreneurship
• Problem Solving & Analytical Thinking
• Planning & Decision Making
• Capability Building
• Strategic Orientation
• Stakeholder Focus
• Networking
• Execution & Results
• Teamwork & Interpersonal influence