Manager - Information Security

**Core Accountabilities**:

- Accountable for alignment of security risk management to ensure digital empowerment & agility in a secure manner.
- Assure ADGM's management & businesses on predictive cyber and information security risks to make key decisions, thereby ensuring secure & resilient investments to achieve their intended business objectives.
- Conduct and manage periodic compromise assessments across selected networks and propose recommendations based on assessment results
- Ensure appropriate information privacy, intellectual rights, confidentiality, integrity & availability controls are effectively implemented in ADGM.
- Ensure that ADGM GRC objectives are achieved & are effectively implemented, practised and assisted within ADGM.
- Ensure and oversee that appropriate information governance and management policies and practices are implemented and practised across digital services.
- Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus, Threat Intelligence Providers) to maintain updated of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
- Foster security best practices and internal controls across ADGM to minimise the exposure to digital and cyber risk.
- Ensure that ADGM applicable regulatory compliances are achieved & effectively managed within ADGM.
- Govern and assure the Cyber Security Operations are well managed, in collaboration with the ADGM IT Security and Operations department.
- Assure business resiliency and readiness to safely thrive through any disastrous events across the organisation or region.
- Ensure the function's performance is measured on a periodic basis as well as ensure objectives are achieved.
- Ensure ADGM digital transformation has strategically designed security & resiliency domain-driven based on the overall business and cyber risks.
- Ensure ADGM cloud strategy by establishing required security measures to accommodate the cloud cybersecurity risks & policies supporting secure operating model.
- Provides cybersecurity recommendations based on significant threats and vulnerabilities.
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operational Plans.
- Ensure crisis communication plans are adequately implemented across security operations.
- This role shall ensure the Digital and Cloud Infrastructure Architecture are secured and monitored consistently.
- Oversee cloud and organisation related projects to ensure appropriate usage of security tools and security methodologies, controls are in place to reduce risk exposure.

**Operational responsibilities**:

- Establish an integrated & business-centric strategy & program plan for security management, risk management and resiliency management across ADGM.
- Ensure appropriate security controls protection of business valued and classified ADGM information by protecting the privacy, IPR rights, Confidentiality, Integrity and availability in its entirety across ADGM and its subsidiaries.
- Perform and oversee the threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
- Review and endorse the robust Information Security management policies & relevant controls are development & implementation supporting ADGM business activities.
- Ensure the security concepts such as cyber-attacks and techniques, threat vectors, risk and threat management, incident management etc. are implemented appropriately
- Ensure that risk management activities are insight-driven, business-focused to proactively identify the business, security and cyber risks across the organisation.
- Proactively communication risks to line manager and other stakeholders with the objective to strengthen the ADGM's risk culture and responsiveness to change
- Ensure proactive identification of the Information security and Cybersecurity risk across strategy, operations as well as tactical levels.
- Ensure that appropriate and meaningful KPI's, KCI's and KRI's are established
- Establish and ensure accuracy of reports, dashboards and metrics for security operations are available to senior leadership.
- Ensure that appropriate metrics providing consistent business-centric results are established for periodic presentation to management.
- Ensure consistent management of the threat intelligence and modelling in accordance with the ADGM Digital Infrastructure and Business Services.
- Ensure that major threats and strategic risks, reputational risks, and interconnected risks with information security and cyber security risks are managed appropriately.
- Assist ADGM in adopting new technologies with a true understanding of their risks as well as their possibilities.
- Establish the appropriate security road