Head Of Information Security - GRC | EIT
at Al Futtaim Group in
Posted on August 26, 2020
About the Role
The role will play an integral part in managing the security program as a whole, and provide oversight and validation of control effectiveness within Security. Manage and mature the second line of defense risk and internal controls program. Support and align with CISO for all management reporting.
About the Task
- Work cross-functionally and throughout all levels within the organization. Represent Risk and Security Governance to all levels of the organization, including Executive Management.
- Identify and report internal control deficiencies and gaps. Validate remediation plans with the risk owner.
- Conduct regular reviews to identify adherence to, or gaps in, information security implementation
- Create, maintain and regularly communicate Information Security Policies, Standards and Processes
- Manage the organisation-wide Information Security Awareness training
- Implement and manage the information security GRC tool
- Manage all security related audits (internal, external, regulatory, etc.)
- Communicate regular status updates and results to management.
- Enhance and develop new methods of governance and assurance.
- Track the Risk Acceptance Form (RAF) process for Security-related exceptions to policies
- Develop, monitor, and report on key metrics (KPIs and KRIs) for risk, compliance and operating effectiveness of internal controls