For a well known client operating in the United Arab Emirates, we are currently looking for a Senior ICT Technical Security Service Specialist.
To ensure and support Information security operations and protecting our client’s internal systems and coordinate between the various our client’s functions. Moreover, to ensure that security controls are maintained and under compliance of the existing Information Security Standards.
- Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations;
- Provides authoritative advice and guidance on security strategies to manage the identified
- Investigates major breaches of security, and recommends appropriate control
- Interprets security policy and contributes to development of standards and guidelines that comply with
- Performs risk assessment, business impact analysis and accreditation for all major information systems within the organization.
- Ensures proportionate response to vulnerability information, including appropriate use of
- Provides authoritative advice and guidance on Information assurance architecture and strategies to manage identified risk.
- Familiar with major legislation relevant to security of
- Interprets security and assurance policies and contributes to development of standards and guidelines that comply with these.
- Uses testing to support information
- Provides advice, assistance and leadership associated with the planning, design and improvement of service and component availability, including the investigation of all breaches of availability targets and service non-availability, with the instigation of remedial activities.
- Plans arrangements for disaster recovery together with supporting processes and manages the testing of such plans.
- Controls IT assets in one or more significant areas, ensuring that administration of the acquisition, storage, distribution, movement and disposal of assets is carried out.
- Produces and analyses registers and histories of authorized assets (including secure master copies of software, documentation, data, licenses and agreements for supply, warranty and maintenance), and verifies that all these assets are in a known state and location.
- Ensures that there are no unauthorized assets such as unlicensed copies of software.
- Assesses, analyses, develops, documents and implements changes based on requests for change.
Security and Administration
- Drafts and maintains the policy, standards, procedures and documentation for security.
- Monitors the application and compliance of security operations procedures and reviews information systems for actual or potential breaches in security.
- Ensures that all identified breaches in security are promptly and thoroughly investigated.
- Ensures that any system changes required to maintain security are implemented.
- Ensures that security records are accurate and complete.
- Security management (including network security, identity management, securi‹y events and incidents)
- To conduct security researches to keep abreast of latest security issues and ensure that ICT is briefed accordingly.
- To participate in the planning and the implementation of alJ computing and network infrastructure projects (i.e. upgrades, enhancements, etc.) to ensure compliance with the IT Security architecture.
- Owns the service continuity planning process and leads the implementation of resulting plans.
- Coordinates the identification by specialists across the organization of information and communication systems which support the critical business processes, and the assessment of risks to the availability, integrity, and confidentiality of those systems.
- Evaluates the critical risks associated with these systems and identifies priority areas for improvement.
- Coordinates the planning, designing, testing of maintenance procedures and contingency plans to address exposure to risk and ensure that agreed levels of continuity are maintained.
- Maintains knowledge of specific technical specialism provides detailed advice regarding their application and executes specialized tasks. The specialism can be any area of information or communication technology, technique, method, product or application area.
- B.S. in Information Security or Computer Science /IT Major
- CISSP, CCNP, Networking or System/OS Certificates, ITIL Foundation, ISO27001 Lead Implementer
- 6+ years of experience in network monitoring and security utilities
- Developing and implementing frameworks that bring together IT services and security and availability needs
- Designing and delivering solutions that deliver highly secure and available IT services in line with business requirements
- Developing and monitoring compliance with IT practices and procedures
- ISO 27001 Implementation
- Masters in Information Security or Computer Science /IT Major
- CISM, CISSP-ISSEP, CISSP-ISSAP, ITIL RCV
- Working experience on Linux and ESX and Windows security
- Experience on infrastructure security and physical security