Manager Information Security
Found in: beBee S AE - 4 weeks ago
Group 42 is an Abu Dhabi based artificial intelligence (AI) and cloud computing company, uniquely positioned in the national ecosystem to develop, and deploy holistic and scalable AI solutions. G42 Healthcare is committed to developing a world-class, sustainable healthcare sector in the UAE and wider region. At the forefront in the battle against the pandemic, G42 Healthcare partnered with Abu Dhabi authorities to develop a massive throughput laboratory in 14 days and spearheaded the world’s first Phase 3 clinical trial of COVID-19 inactivated vaccine. Beyond Covid-19, G42 Healthcare is also developing a program of activities to support the health of future generations – ranging from genomics, imaging and diagnostics to digitization programs, manufacturing, and cutting-edge research.
As Senior Manager - Information Security & Data Privacy, you will lead the Information Security & Data Privacy team covering areas such as Identity & Access Management, Cyber Security Defense Center, Data Privacy, Data Protection, Cloud Security, Information Security GRC and Red Team processes and work with the senior stakeholders across the company Responsibilities: Responsibilities:
Develops the following sub functions:
Identity & Access Management- Cyber Security Defence Centre
- Data Privacy & Protection
- Information Security Governance, Risk and Compliance
- Red Team Data Privacy
- Support Group 42 Healthcare business and will encompass the formal function of Data Protection Officer and will work collaboratively with key stakeholders to provide day to day guidance on a range of data issues, implementing company-wide policies and further embedding the privacy culture at Group 42 Healthcare
- Be the primary point of contact for all data privacy and information security matters
- Provide strategic leadership to the business on data protection, privacy, information security and data governance matters GRC
- Manage internal compliance programmes
- Support internal product and operational teams to develop, deliver and have oversight of G42 Healthcare solutions
- Lead data protection training to raise awareness of all employees across the company
- Assist the internal compliance team with the completion of data protection audits
- Oversee the information security functions in the organization
- Be responsible for managing three separate departments, logical security, physical security and audit and compliance.
- Creation and management of all ISMS policies and management of all applicable ISMS procedures
- Ensure compliance to all applicable internal and external security requirements
- Ensure IT/IS security is addressed in the development/acquisition processes for information systems and associated products and services
- Ensure IT/IS systems have suitable DR and BCP processes and procedures in place
- Establish and maintain processes to ensure that all users are trained to conduct themselves in a manner which ensures they fulfil their IT/IS security responsibilities Essential Criteria
- Must have demonstrable experience with ensuring compliance to company, client and regulatory requirements
- Own Group 42’s information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management and annual performance reviews
- Deep understanding and application of information security management framework based on the following: International Organization for Standardization (ISO) 2700X, FDA, CE, HIPAA, HITRUST, etc.
- Build information security policies, standards and guidelines; oversee the approval, training, and dissemination of security policies and practices.
- Overall responsibility in achieving and maintaining relevant certifications to continue Group 42’s position as leader in Security and Data Privacy
- Liaise with Group 42’s IT and Engineering teams to ensure alignment between the security and development practices, ideally understands SSDLC and/or SDLC in a regulated environment.
- Teams in Product Security, Platform Security, Engineering, and Operations will partner with the information security organization to deliver exceptional security for customers
- Manage risk-based process for vendor security risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
- Provide risk guidance for Product Engineering & Platform Engineering projects, including the evaluation and recommendation of technical controls.
- Represent security expertise of Group 42 to current and potential customers
- Guide the company through internal and external audits, examinations and reviews related to security and participate in cross-functional teams in connection with regulatory and other audits and examinations.
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Work directly with the business units to facilitate risk assessment and risk management process
- Facilitate an information security governance structure through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.
- Develop and enhance an information security management framework
- Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
- Partner with business stakeholders across the company to raise awareness of risk management concerns
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
- Defines the security strategy, roadmap and acts as the primary interface for Information/Cyber security topics
- Build & maintain the Information/Cyber security program based on risks
- Engages with and manages the right vendors to ensure appropriate security architecture and solutions are deployed covering network, physical, application or system security across all information systems (applications, databases, data centers and servers, networks, desktops and other endpoints)
- Manages the formulation of policies and procedures to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction, ensuring that Silver Beach maintains security best practices to comply with NIST and standards such as BS7799, ISO 17799 and ISO 27001
- Works with Tech Officer / System Integration Manager for evaluating and managing IoT related cyber security risks, deriving the overall security and business continuity / disaster recovery plans
- Defines policies and procedures in relation to managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes
- Extends the concepts of information management to the practices and technologies of physical security to have a complete security framework
- Manages governance and enforcement of information technology controls related to the confidentiality, integrity, and availability of data
- Establishes resilience policies and guidelines including excess capacity, redundancies, and failovers
- Develops approaches to generate revenue through security with business solutions
- Communicates periodic status reports to higher management and escalate potential issues as appropriate
- Cyber Security Defense Center & Red Team
- Manage and assist in performing on-going security monitoring and continuous improvement of information systems including risk assessment, gap analyses, new security capabilities assessments and recommendation·
- Act as the central point of contact for all incidents, develop and deploy appropriate incident handling procedures and reporting
- Driving security operations cross-functionally, including proactive review and management of vulnerabilities to reactive engagement during an incident, and everything in between.
- Leads the convergence of technical and physical security controls and solutions
- Supports other Group 42 internal stakeholders / functions to deploy the necessary tools and solutions in place to help with compliance and effective security monitoring
General- Excellent written and verbal communication skills
- Self-reliant, completer- finisher with a pragmatic approach to Security
- Ability to operate effectively without direct supervision
- Ability to interact effectively with all areas and levels of the business
- Detailed knowledge of IT and security disciplines
- Demonstrable experience in management of Security related projects
- Ability to manage complex projects and coordinating all major stakeholders to ensure a collaborative approach to achieve a desired solution Qualifications: Candidate Requirements
A minimum of a bachelor’s degree and a strong interest in IT applications and operations.- Minimum of 10 years professional experience in IT
- Certification as a Certified Information Systems Security Professional (CISSP) and/or Systems Security Certified Practitioner (SSCP) is desirable.
- Minimum of 5 years of experience in a combination of risk management, information security, security operations, and Product Engineering roles. At least 4 years in a senior leadership role in security.
- Relevant experience managing security for companies that leverage cloud technologies such as Amazon Web Services (AWS), Google Cloud Platform (GCP), or Azure and / or offer platform as a service (PaaS) with security commitments to customers and partners.
- Relevant experience working in the healthcare/life sciences industry with a deep understanding of regulatory frameworks such as ISO, GDPR, FDA, CE, HIPAA, HITRUST, etc. is highly desired.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
- Must be able to effectively liaise with internal direct reports and senior management as well as external customers, clients, partners and stakeholders.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- The incumbent must have an in-depth understanding of IT agile software development frameworks, strong knowledge of IT best practices and protocols, operational risk management, and in-depth knowledge and expertise of the Group 42’s operations, including IT practices. Specific expertise should include:
- IT Management practices and protocols, including in-depth knowledge of international IT standards.
- Solid knowledge of IT application design, development, support and Operations Audit methodology
- Ability to work independently and in a team environment with both the local and global Compliance and Legal teams and the information security teams.
-
Information Security Manager
Found in: Whatjobs AE C2 - 7 days ago
abu dhabi, United Arab Emirates Emirates Investment Authority Full timeWe are seeking an experienced Information Security Manager to lead and oversee the development, implementation, and management of our information security and business continuity programs. This role is crucial in safeguarding our organization's sensitive data, ensuring business resilience, and maintaining compliance with regulatory requirements.Key...
-
Information Security Manager
Found in: Whatjobs AE C2 - 7 days ago
abu dhabi, United Arab Emirates Emirates Investment Authority Full timeWe are seeking an experienced Information Security Manager to lead and oversee the development, implementation, and management of our information security and business continuity programs. This role is crucial in safeguarding our organization's sensitive data, ensuring business resilience, and maintaining compliance with regulatory requirements. Key...
-
Information Security Programs Manager
4 days ago
Abu Dhabi, United Arab Emirates Abu Dhabi Islamic Bank Full timeInformation Security Programs Manager **Role **:Information Security Programs Manager **Location**: Abu Dhabi **Role Purpose**: The main purpose of the role is to ensure Governance and delivery of cybersecurity programs/initiatives/projects within planned target dates, budget and quality and agreed SLAs. Ensure the Governance of GISD portfolio, budget and...
-
Information Security
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates Mark Williams Full timeMark Williams is working with a prestigious Abu Dhabi entity with the mandate to consolidate services and business.Responsibilities: - Responsibilities involve bolstering InfoSec and CyberSec standings by creating, executing, and supervising policies and technical controls that strengthen information security - Act as the primary contact for all matters...
-
Information Security
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates Mark Williams Full timeLocation:Abu Dhabi Job Reference:SM17 Type:Permanent Close Date:27/01/2024 Summary: Mark Williams is working with a prestigious Abu Dhabi entity with the mandate to consolidate services and business. Responsibilities: \xe2\x80\x94 Responsibilities involve bolstering InfoSec and CyberSec standings by creating, executing, and...
-
Information Security Officer
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates Al Nahiya Group Full timeRequirements Must have Bachelor\xe2\x80\x99s Degree in an Information Technology, Cyber Security or equivalent work experience. 5+ years of experience in cyber security and leading multiple security/networks/systems operations, significant involvement with operations management, business continuity and policy compliance development. Must have the...
-
Information Security Officer
Found in: beBee S AE - 3 weeks ago
Abu Dhabi, United Arab Emirates Al Nahiya Group Full time:Requirements Must have Bachelor\xe2\x80\x99s Degree in an Information Technology, Cyber Security or equivalent work experience. 5+ years of experience in cyber security and leading multiple security/networks/systems operations, significant involvement with operations management, business continuity and policy compliance development. Must have the...
-
Analyst Information Security
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates Group 42 Full timeOverview: The main purpose of this role is to collaborate with the Security Operations Centre, Information Security governance team, IT governance team and global business unit stakeholders on the design, deployment and management of core security infrastructure. Responsibilities: Develop and execute delivery plans in collaboration with wider...
-
Information Security Engineer
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates BigData Technology Solutions Full timeInformation Security Engineer Location: Abu Dhabi 5+ years in Information security Responsibilities User Access Administration - provides authorized users with timely access to authorized system resources. The Service is at the operating system level. Patch Management -Operating System vulnerabilities protection provides operating System patches to...
-
Information Security Manager uae Nationals
5 hours ago
Abu Dhabi, United Arab Emirates Reliance HR Consultancy Full time**About the job Information Security Manager_UAE Nationals**: Date Posted: 06-02-2024 Position: Information Security Manager_UAE Nationals Job location: Abu Dhabi **Job Summary: - ** **Duties and Responsibilities: - ** Develop new or enhance current security procedures to reduce or eliminate potential threats. Oversee implementation of new policies...
-
Information Security Manager UAE National
Found in: Whatjobs AE C2 - 7 days ago
abu dhabi, United Arab Emirates Black Pearl Consult Full timeWe have been given an exciting mandate by our client a leading manufacturing company in the UAE. They are looking for a qualified and experienced Information Security Manager. In this role you will develop risk management processes and oversee the implementation of these new policies. On a regular basis you will analyze the databases and other information...
-
Information Security Manager UAE National
Found in: Whatjobs AE C2 - 7 days ago
abu dhabi, United Arab Emirates Black Pearl Consult Full timeWe have been given an exciting mandate by our client a leading manufacturing company in the UAE. They are looking for a qualified and experienced Information Security Manager. In this role you will develop risk management processes and oversee the implementation of these new policies. On a regular basis you will analyze the databases and other information...
-
Head of Information Security
7 days ago
Abu Dhabi, United Arab Emirates Talent Full timeResponsibilities• Develop and implement an organization-wide information security strategy, policies, and procedures.• Identify and assess potential risks and vulnerabilities in information systems and infrastructure.• Establish security controls and measures to protect information assets from unauthorized access, use, disclosure, alteration, or...
-
Information Security Manager UAE National
7 days ago
Abu Dhabi, United Arab Emirates Black Pearl Consult Full timeWe have been given an exciting mandate by our client a leading manufacturing company in the UAE. They are looking for a qualified and experienced Information Security Manager. In this role you will develop risk management processes and oversee the implementation of these new policies. On a regular basis you will analyze the databases and other information...
-
Information Security Analyst
4 days ago
Abu Dhabi, United Arab Emirates Bricks Technologies Systems Full time**Information Security Analyst**: **Salary**: : Industry Standards **Experience**: : 3 to 5 Years **Joining Date**: : ASAP **Job Location**: : Abu Dhabi **Industry Type**: : IT Service **Function**: : Software Development **Reporting To**: : Manager **Job Type**: : Full Time Collaborates with users to discuss computer data access needs, to...
-
Lead Information Security Assurance
Found in: beBee S AE - 4 weeks ago
Abu Dhabi, United Arab Emirates Nawah Energy Company Full timeJob Title Information Cyber SecurityDescription Information and Cyber Security Assurance Specialist - IT is responsible to assist Information & Cyber Security -IT Assurance to develop and evaluate Corporate Security Controls as per defined standards and reduce the risk level by performing security assessments, penetration testing, security tools...
-
Head of Information Security
Found in: Talent AE 2A C2 - 2 weeks ago
Abu Dhabi, United Arab Emirates Talent Full timeResponsibilities• Develop and implement an organization-wide information security strategy, policies, and procedures.• Identify and assess potential risks and vulnerabilities in information systems and infrastructure.• Establish security controls and measures to protect information assets from unauthorized access, use, disclosure, alteration, or...
-
Head of Information Security
Found in: Whatjobs AE C2 - 2 weeks ago
abu dhabi, United Arab Emirates Talent Full timeResponsibilities• Develop and implement an organization-wide information security strategy, policies, and procedures.• Identify and assess potential risks and vulnerabilities in information systems and infrastructure.• Establish security controls and measures to protect information assets from unauthorized access, use, disclosure, alteration, or...
-
Head of Information Security
Found in: Whatjobs AE C2 - 2 weeks ago
abu dhabi, United Arab Emirates Talent Full timeResponsibilities• Develop and implement an organization-wide information security strategy, policies, and procedures.• Identify and assess potential risks and vulnerabilities in information systems and infrastructure.• Establish security controls and measures to protect information assets from unauthorized access, use, disclosure, alteration, or...
-
Information Security Manager UAE National
Found in: Talent AE A C2 - 11 hours ago
Abu Dhabi, United Arab Emirates Black Pearl Consult Full timeWe have been given an excitingmandate by our client a leading manufacturing company in the UAE.They are looking for a qualified and experienced InformationSecurity Manager. In this role you will develop risk managementprocesses and oversee the implementation of these new policies. Ona regular basis you will analyze the databases and otherinformation...
