Information Security Specialist / Leading Information Security Team
CurrentResponsibilities:• Compliance and Governance: Prepare and deliver comprehensive internal and external audit reports on information security findings and compliance status.• Risk Management: Conduct thorough risk assessments to identify potential threats. Implemented & Manage IT Risk Management Controls.• Budgeting and Financial Planning.• Security Operations Center (SOC): Led the SOC to ensure continuous monitoring, incident detection, and response. • Compliance Framework: Ensure the company’s procedures are in line with applicable local and international Data Protection regulations and codes of practice.• Security Awareness: Promote a culture of security awareness and data protection.Business Continuity and Disaster Recovery: Developed, implemented, and maintained comprehensive business continuity and disaster recovery plans. Periodicity performing data restoration and DR failover to recover during security incidents or Ransomware attacks.• Patch Management: Implement and manage a robust patch management system to ensure all IT systems and software are up to date.• Data Classification: Protect sensitive information from leakage.• Access Management: Review and optimize user privileges, provisioning, and de-provisioning processes.• Third-Party Risk Management: Manage and monitor third-party contracts for IT security products and services. • Endpoint Security: Define and implement effective endpoint threat prevention policies.• Information Security Policies and Procedures: Developed and maintained information security policies, procedures, and standards to meet ISO27001 and NESA compliance requirements.• Security Assessments and Vulnerability Management: Conducted regular security assessments and vulnerability scans, including penetration testing (VAPT), to ensure that systems and applications meet established security standards and effectively address potential threats.• BYOD: Enable secure mobile device access through BYOD technology.