Purpose and summary:

As the Information Security Officer, individual will be responsible for overseeing and implementing the information security program of the company within the regulatory framework of Abu Dhabi Global Market. ISO will play a crucial role in safeguarding company systems, networks, and data from potential threats and ensuring compliance with industry standards and best practices.

Key Responsibilities:

• Information Security Strategy: Develop and implement an effective information security strategy aligned with the business objectives of the company and regulatory requirements of Abu Dhabi Global Market.

• Risk Management: Conduct regular risk assessments and vulnerability scans to identify potential security threats and vulnerabilities. Develop and implement risk mitigation strategies to minimize security risks to the organization.

• Security Policies and Procedures: Develop, review, and enforce information security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.

• Security Awareness Training: Coordinate and conduct security awareness training programs for employees to promote a culture of security awareness and compliance throughout the organization.

• Incident Response and Management: Establish an incident response plan and coordinate responses to security incidents, including conducting investigations, implementing remediation measures, and reporting incidents to relevant stakeholders.

• Security Monitoring and Compliance: Implement security monitoring tools and techniques to detect and respond to security incidents in real-time. Ensure compliance with regulatory requirements, including reporting obligations to Abu Dhabi Global Market authorities.

• Vendor Risk Management: Evaluate the security posture of third-party vendors and service providers. Develop and implement vendor risk management processes to ensure that vendors comply with information security requirements.

• Security Audits and Assessments: Coordinate and participate in security audits and assessments conducted by internal and external auditors. Implement corrective actions to address findings and ensure continuous improvement of the information security program.

Qualifications:

• Bachelor’s degree in information technology, Computer Science, or a related field. Advanced degree or professional certifications (e.g., CISSP, CISM, CISA) preferred.
• Minimum of 10 years of experience in information security management, preferably in the financial services industry or fintech sector.
• In-depth knowledge of information security principles, standards, and best practices, including ISO 27001, NIST Cybersecurity Framework, and PCI DSS.
• Experience in developing and implementing information security policies, standards, and procedures.
• Strong analytical and problem-solving skills, with the ability to assess complex security risks and develop effective mitigation strategies.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate complex technical concepts to non-technical stakeholders.
• Experience in conducting security awareness training and promoting a culture of security awareness within the organization.
• Familiarity with regulatory requirements applicable to the financial services industry, particularly in Abu Dhabi Global Market.
• Proven track record of managing security incidents and coordinating incident response efforts.
• Experience in conducting security audits, assessments, and compliance reviews.
• Knowledge of security monitoring tools and techniques for detecting and responding to security incidents in real-time.

Work Environment

• Required to work office hours.
• Flexibility to work longer hours from time-to-time as and when the job requires.
• Open to travel requirements if needed.