IT Cyber Security Engineer

About This Role

Job Purpose

• To establish and maintain a corporate-wide information cyber security management program and ensure that information assets are adequately protected.

Primary Duties Performed

• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program;
• Work directly with the CTO and all IT functions to facilitate cyber security and risk assessment and its processes;
• Evaluate the IT threat landscape to reduce risk, leading auditing, and compliance initiatives,
• Assist in implementation of the IT Cyber Security strategies, policies and procedures;
• Prepare the documentation for the IT Cyber Security reports and guidelines;
• Develop and enhance an information security management framework;
• Monitor, maintain and administrate the IT security devices (such as Firewalls, Cor Switches, Web filtering, Spam Filtering devices... etc.) in coordination with IT Infrastructure and Cloud Unit to ensure no threats impacting the operations of these devices.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services;
• Partner with business stakeholders across INDEX Holding group to raise the awareness of Cyber Security risk management concerns by conducting the required training and workshops;
• Assists with the overall business technology planning, providing a current knowledge and future vision of technology and systems.
• Manage and maintain cyber security incident management and track accordingly;
• Review the audit reports and assist to tackle the security issues raised by the auditors.
• Conduct a periodic security check on all the relevant IT systems and services that are running in production.
• Conduct a periodic penetration testing to the relevant technologies that are running in production.
• Conduct a periodic vulnerability assessment to the relevant technologies that are running in production.
• Perform a periodic check of the backup restoration practice in INDEX holding to ensure the consistency of the backup data and integration;
• Assist in controlling IT related risk by advising management and functional units on all IT policies and procedures;
• Ensure the confidentiality and protection of corporate data, proprietary information and intellectual property;
• Check the updates on the systems to ensure the patch management with the latest patches and upgrades on a regular basis;
• Assist in managing the crisis situations, involving complex technical hardware or software problems and ensure adequate provision for business continuity and disaster recovery;
• Ensuring that INDEX Holding is adaptable to evolving cyber security compliance regulations.
• Solicit, study and evaluate all IT Projects Plans to ensure risk low effectiveness, in addition, identify and develop risk analysis and supervise risk management for the IT department;
• Undertake such other tasks as and when required by the Chief Technology Officer.

3. Contacts

Internal:

• Chief Technology Officer
• All IT Team
• All other employees of INDEX Holding

External:

• IT Service Suppliers
• IT Vendors

4. Independence of Operation

• Data access, security and integration;
• Reduction in IT related risks, business continuity and disaster recovery plans; and
• Coordinate with the department employees to provide the necessary IT Security adviser to the Group employees.

5. Responsibility of generation and / or management of income / assets / expenditure

• Responsible for the IT Cyber Security Program of all technology assets.

6. Qualifications and Experience Required

• Degree in IT related discipline Computer Science or equivalent and additional professional technical training/certifications in System Administration;
• Master’s Degree on IT or equivalent is preferred;
• Certification in Cyber Security, Certified Ethical Hacker, and hands-on experience associated with risk management, Penetration Testing and Vulnerability Assessment;
• Minimum 5 years of IT experience in IT Cyber Security, IT Systems and Networking Evaluation;
• Demonstrate knowledge of security standards and their applications;
• Exposure with the latest technology and research background will be an added advantage;
• Good project management skills
• Excellent communication skills in English, both written and oral. Arabic language is an advantage;
• Excellent organizational and time management skills; and
• Good interpersonal skills.

Job Type: Full-time

Application Question(s):

• What is your salary expectation in AED?
• Have you worked on security technologies and applications related to Microsoft, Cisco, and AWS?
• How many years of experience do you have in IT Security and Risk Management within the UAE?
• Which certifications do you hold (CISSP, CEH, CISM, CISA)?

Work Location: In person