IT Security and Compliance Officer
Description
The security compliance officer's role is to ensure the secure operation of the B&S information assets in accordance with our internal processes, procedures, and compliance requirements as per the relevant ISO standards, regulatory frameworks applicable to B&S, and industry best practices.

Key Responsibilities
- Oversee and improve the information security programs, including data protection, risk management, compliance, and information security testing.
- Establish information security audit policies and procedures relevant to CMMC, SOC2, ISO 27001, ISO 22301, ISO 38500, PCI-DSS.
- Develop, implement, and maintain internal ITSC audit policies and procedures in accordance with local and international best practices.
- Conduct scheduled audits on information assets and processes to maintain certifications and compliance certificates.
- Evaluate compliance of B&S processes, procedures, systems, and applications against ISO 27001, ISO 22301, ISO 38500, PCI-DSS, CMMC, and industry best practices.
- Monitor advancements in information security and privacy laws to ensure organizational adaptation and compliance.
- Prepare audit reports for senior management, regulators, and other stakeholders.
- Assist with initiatives related to compliance certification and regulatory bodies.
- Review new products, systems, or processes for compliance with relevant standards and frameworks.
- Manage and maintain security audit platforms.
- Collaborate with IT Risk & Threat Analysts and Cybersecurity Analysts to identify and communicate threats and vulnerabilities for remediation.
- Develop internal audit policies and procedures aligned with best practices.
- Conduct internal audits according to the internal ITSC schedule and framework.
- Evaluate compliance of processes, procedures, systems, and applications with B&S' certification initiatives.
- Deliver audit reports, findings, and remediation status to stakeholders.
- Propose improvements based on audit findings.

Qualifications
- Bachelor's degree in Computer Science or related field with IT audit or compliance experience.
- At least 5 years of IT experience focusing on security and compliance.
- Knowledge of ISO 27000 series, PCI-DSS, GDPR, NIST, ISO Certifications, and SOC-2 standards.
- Experience in writing policies, procedures, and controls for standards/frameworks.
- Understanding of computer networking, protocols, and network security methodologies.
- Knowledge of risk management, cyber threats, and vulnerabilities.
- Experience in risk management within compliance and security contexts.
- Ability to work in fast-paced environments, handle ambiguity, and manage multiple priorities.
- Strong attention to detail, self-motivated, and adaptable.
- Relevant certifications like ISO 27001, CISA, CISM are advantageous.

Additional Information
We offer you
- Competitive salary with performance-based bonus.
- Company-sponsored visa and health insurance.
- Leave benefits as per UAE labor law.
- Annual return airfare to your home country.
- Opportunities for professional growth and development.
- Dynamic and collaborative work environment.
- Part of a leading international trading company with a global presence.
Posted: 17th June 2025 3.29 pm
Application Deadline: N/A