Information Security Manager, who will be responsible to perform three core functions across the Group. The first is to oversee the operations of the enterprise security solutions including SOC. The second is to undertake evaluation of different security technologies, including POC and there rollout enterprise wide. The third is to establish and maintain enterprise security through policy, architecture and training processes.
Client Details
Large Dubai based group operating in multiple vertical.
Description
Technical Competency
Security Architecture: Create and maintain the enterprise's security architecture design.
Perimeter Security Solutions: Have an in-depth knowledge on Security Solutions on Perimeter Security like Firewall, IPS, APT, Content Filtering, Anti Malware
End Point Security Solutions: Antimalware, Encryption, DLP, FIM solution knowledge for end point protection
Security Technologies: Have exposure to security technologies like IDAM/ SSO, App Scan, Nessus, Tripwire, Secure FTP, Federation Services
Security Projects: Have a good knowledge on Project Management and ability to drive cross functional project delivery.
Secure SDLC: Have a fair knowledge on Secure Software Development Life Cycle with various tools and checklist
Data Protection: DLP, IRM, Encryption during the Information Lifecycle from creation to destruction/storage
Disaster Recovery / Business Continuity: Create and maintain enterprise Disaster Recovery Plan and Business Continuity Plan.
Security Standards: Exposure to Standards like ISO 27001, ISO 22301, ITIL etc
Operational Management
Have experience of handling a SIEM solution with 24 X 7 operations cross geography
Have experience of handling Security Incidents and responding with speed and also resolving the same
Have experience of handling DLP/ AV/ Patching/ FIM/ Network Security solutions operations
Have experience of handling change management including architecture changes
Supervise the design and execution of vulnerability assessments, penetration tests and security audits
Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
Ensure the enforcement of enterprise security documents.
Supervise all investigations into problematic activity and provide on-going communication with senior management.
Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
Engage ongoing communication with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Comply with all legal and regulatory requirements pertaining to data security and privacy
Liaise with internal and external stakeholders for security implementation and compliance.
Profile
Formal Education & Certification
Master of Computer Science, College diploma or bachelors of engineering (BE) in the field of computer science/ electronics/ Telecommunications with an overall experience of 12+ years with minimum 9 years relevant work experience in the information security field.
One or more of the following certifications:
GIAC Security Essentials Certification
GIAC Security Leadership Certification
CISM Certified Information Security Manager
Microsoft Certified Systems Engineer: Security
(ISC)2 S
Skills
Information Security SIEM SOC Firewall Architecture CISSP CISM
website: http://www.michaelpage.com
Email: [email protected]
UAE