Governance, Rsk & Compliance Specialist - UAE National
- أبو ظبي
- دائم
- دوام كامل
- Assist the Implementation of the security governance, risk and compliance program as directed with a focus on industry regulations and standards, data privacy and internal policies and standards compliance.
- Operate the enterprise-owned tools that support governance, risk and compliance activities and support service providers in delivering contractual security requirements.
- Identify and evaluate IT security risk factors and ensure adequate & effective IT security controls exists that mitigate these risks and meet current and future compliance requirements.
- Demonstrate knowledge of IT security regulatory requirements like NESA, ISO 27001, PCI DSS, GDPR, ADHICS, etc.
- Provide assurance that IT security risks are effectively identified and addressed in relation to with deployment of new or enhancements in existing information systems and processes.
- Provide support in coordination activities as required for the IT security component of both internal and external audits.
- Support in the development, review and publishing of content for security awareness theme and conduct security awareness trainings & simulation exercises.
- Support the vulnerability detection & remediation program with a focus on vulnerability prioritization and remediation with creation of timely reports & dashboards
- Facilitate the development of remediation plans and the timely resolution of any identified gaps.
- Proactively seek opportunities to improve the efficiency / effectiveness of the IT security compliance program.
- Act as a channel of communication to IT to receive and direct compliance issues to appropriate IT resources for investigation and resolution.
- Develop, review and revise information security policies and supporting standards aligned with applicable industry best practices and regulations.
- Graduate degree in Computer Science, Management Information Systems or equivalent.
- A minimum of 5 years of experience in Cybersecurity.
- Knowledge of industry best practice standards pertaining to Information Security, risk management and data privacy
- Knowledge of and experience with Information Security and GRC tools required.
- Understanding of international and local regulations pertaining to Aviation, Information Security and data privacy
- Ability to manage execution of projects by security services providers and internal teams.
- Ability to learn and adapt quickly to new cybersecurity technologies and skills
- Very good written and oral communication skills required.