Information Security GRC Specialist

Full time at a Laimoon Verified Company in UAE
Posted on November 4, 2024

Job details

B&S exists to make premium consumer goods available to everyone, anywhere. We believe that getting access to consumer products that bring joy and comfort into everyday lives should be easy around the globe.

You will ensure the secure operation of the B&S information assets in accordance with our internal processes, procedures, and compliance requirements as per the relevant ISO standards, regulatory frameworks applicable to B&S, and industry best practices. The role will also oversee IT risk assessments, propose risk remediations, and perform vulnerability assessments and penetration testing.

Key Responsibilities

IT Governance
- Oversee and improve the information security programs including data governance, risk management, compliance, and information security testing.
- Review all new products, systems, or processes to ensure compliance against required standards, frameworks, and best practices.
- Spearhead the implementation of the IT risk management function of the information security program to ensure IT risks are identified and monitored.
- Assist in implementing security controls that align with regulatory requirements.
- Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for B&S' information systems.

VAPT
- Perform information security tests and assessments on internal and external facing systems, networks, and applications to identify vulnerabilities.
- Be informed of the latest cybersecurity breaches and threats and advise the business accordingly.

IT Compliance and Security Awareness Training
- Establish B&S' information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.
- Evaluate compliance of B&S processes, procedures, systems, and applications against the requirements of ISO 27001, ISO 22301, ISO 38500, PCI-DSS, CMMC, and industry best practices.
- Oversee periodical phishing simulations, security awareness training, and propose improvements.
- Deliver the annual information security and compliance team work schedule for B&S and ensure completion of the committed tasks within the agreed timeframes.
- Maintain and monitor individual and team KPIs.
- Conduct information security tests and assessments as per the annual test schedule and business requirements.
- Develop test reports and share with relevant business stakeholders.
- Oversee the IT risk assessments, maintenance of risk registers, and ongoing monitoring and maintenance of the same.
- Improve B&S' cybersecurity culture by assisting to disseminate training content to all staff through training videos, quizzes, posters, and phishing simulations.
- Collaborate in reviewing, developing, and updating information security policies and procedures based on regulatory requirements, environmental and operational conditions, and changes in technology.

Qualifications

Requirements for the role
- Master's degree in IT/Computer Science/Cybersecurity or CISSP or equivalent.
- 6-8 years of experience in Cybersecurity and/or IT governance, risk management, and compliance.
- Information security-related training or certifications such as CEH, ISO 27001, CRISC, etc.
- Knowledge of information security risk management frameworks and compliance practices.
- Understanding of common security standards and regulations (e.g., ISO 27001, ISO 22301, PCI-DSS, CMMC, etc.).
- Understand OWASP top 10 and SANS top 25 vulnerabilities.
- Familiarity with security assessment tools like Burp Suite, Nmap, Wireshark, OpenVAS, or similar would be an added advantage.
- Sound understanding of securing network technologies, client, and server operating systems.
- Ability to develop security standards, standard operating procedures, and guidelines based on best practices and industry standards.
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
- Ability to work independently and collaboratively with peers and cross-functional teams.

Additional Information

We offer you
- A good salary fitting with your experience, plus a discretionary yearly performance-based bonus.
- A good working atmosphere in a young and ambitious team.
- Company-sponsored visa along with health insurance.
- Leave benefits as per UAE labour law.
- Annual air-ticket to your home country.

Why join us?
This is an excellent opportunity to gain hands-on experience in Information Security Governance, Risk, and Compliance (GRC) within a dynamic business environment. You will work closely with our Information Security and Compliance teams, contributing to ensuring robust security controls and supporting strategic initiatives to protect our organization's assets. This role will offer valuable exposure to managing risks, implementing security policies, and driving compliance across the business, giving you a chance to grow in the ever-evolving cybersecurity field.

Where will you be working?
You will be working in our Dubai office, where you will benefit from the guidance and support of our diverse team of experts. Alongside your responsibilities, you will have the opportunity to immerse yourself in a collaborative and innovative culture that emphasizes teamwork, integrity, and a commitment to maintaining the highest standards of information security.
