Executive - Digital Security & Risk Management (UAE National)
Aldar Education
Date: 3 weeks ago
City: Abu Dhabi
Contract type: Full time

Job Description
The primary purpose of this role is to support Aldar Education's information security and risk management efforts by implementing, monitoring, and maintaining security measures that protect systems, networks, and data. This individual will monitor, identify, and mitigate security risks, respond to incidents, and contribute to enforcing security policies and procedures across all of Aldar Education's Organizational Units (OUs) (HQ and schools) in alignment with our Risk and Information Security management strategy, policies, procedures, and standards. This role ensures compliance with industry standards and best practices while fostering a secure and resilient digital ecosystem.
Responsibilities
Support Cyber Risk Management across Aldar Education
- Perform Cyber Risk Assessments across all Aldar Education OUs.
- Maintain the Entity Cyber Risk Register.
- Support the definition of risk mitigations at the entity level.
- Support the implementation of security policies across Aldar Education OUs.
- Conduct regular policy compliance assessments.
- Develop and maintain incident response plans.
- Coordinate and manage security incident responses.
- Conduct post-incident reviews and analysis.
- Monitor and analyse security alerts from our SOC and escalate incidents as needed.
- Collaborate with our SOC to:
  - Co-develop business-relevant monitoring use cases.
  - Assist in the investigation, containment and remediation of security incidents.
- Assist in analysing network traffic patterns to identify anomalies, advanced persistent threats (APTs), and other malicious activities.
- Monitor web proxy solutions to enforce internet usage policies and block malicious websites.
- Analyse proxy logs to identify suspicious activities and prevent data exfiltration.
- Monitor DLP alerts and respond to potential data leakage incidents.
- Maintain WAF policies to protect web applications from OWASP Top 10 threats.
- Perform regular reviews and tuning of WAF rules based on application changes and threat intelligence.
- Monitor DNS security solutions to detect and block malicious domains and DNS traffic for suspicious activities.
- Monitor EDR solutions across endpoints to detect and respond to advanced threats.
- Analyse EDR alerts to identify and mitigate malware and ransomware attacks.
- Collaborate with VAPT and other departments to address findings and ensure compliance with security standards.
- Analyse email logs and investigate incidents involving malicious emails or attachments to prevent phishing, spam, and email-based attacks.
- Act as a key responder during security incidents, ensuring rapid containment and resolution.
- Document and report on incidents to improve organisational preparedness and response strategies.
- Lead the identification of relevant cyber security and privacy regulations for Aldar Education's OUs.
- Monitor compliance with relevant regulations and standards.
- Conduct regular compliance audits.
- Implement corrective actions for non-compliance.
- Support the enforcement of security policies, standards, and procedures across the organisation.
- Ensure compliance with relevant regulatory and industry standards (e.g., ISO 27001, ADEK Digital Policy).
- Conduct security awareness training sessions.
- Co-develop and distribute security awareness materials.
- Organise security awareness campaigns and events at the entity level.
- Incorporate threat intelligence into security processes to enhance detection and response capabilities.
- Stay updated on the latest security trends and threats to safeguard the organisation proactively.
- Work with cross-functional teams to improve overall security posture.
- Provide guidance and training to employees on cybersecurity best practices.
- Administer Web Application Firewall to secure websites and applications.
- Manage DNS Security solutions.
- Administer email security solutions to protect email boxes.
- Oversee web proxies, DNS security tools, and Internet Security tools to block malicious activities and enforce policies.
- Optimise Security solutions to enable secure access to internal applications.
- Administer Vulnerability Management and patch management solutions to secure servers from vulnerabilities.
- Coordinate with relevant internal stakeholders and third parties on new projects and operational issues.
- Bachelor's degree in computer science or a related field.
- At least one industry-recognised information security certification.
- Preferred: Systems Security Certified Practitioner (SSCP), Certified in Risk and Information Systems Control (CRISC), Certified in Cybersecurity (CC) from ISC2, ISACA Cybersecurity Fundamentals, CompTIA Cybersecurity Analyst (CySA+), CompTIA Security+, Certificate of Cloud Security Knowledge (CCSK).
- Minimum of a bachelor's degree in computer science or a related field.
- Minimum of 3 years of work experience in Information Security Management, including monitoring and analysing security alerts, managing security incidents, and ensuring regulatory compliance.
- Minimum of 1 year of experience in handling Information Security projects, such as implementing security policies, conducting risk assessments, and coordinating with cross-functional teams.
- Proficiency in managing security tools such as Security Orchestration, Automation, and Response (SOAR), Network Detection and Response (NDR), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), Data Loss Prevention (DLP), and email security solutions.
- Hands-on experience with Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA).
- Knowledge of vulnerability management processes and tools, including Vulnerability Assessment and Penetration Testing (VAPT) methodologies.
- Deep understanding of network protocols, firewalls, proxy servers, DNS security, and VPN solutions.
- Familiarity with Intrusion Detection and Prevention Systems (IDS/IPS).
- Ability to analyse threat intelligence feeds and integrate them into security operations.
- Strong incident response skills, including containment, eradication, and recovery processes.
- Knowledge of securing cloud environments and applications, especially hybrid and multi-cloud setups.
- Strong skills in analysing logs, alerts, and telemetry data to identify and resolve security threats.
- Effective collaboration with cross-functional teams to strengthen security measures.
- Ability to communicate complex technical issues to non-technical stakeholders.
- Strong analytical skills.
- Continuous learning mindset.
- Excellent troubleshooting and problem-solving abilities.
- Highly self-motivated and directed, with keen attention to detail.
- Ability to present ideas in user-friendly language.
- Strong interpersonal, written, and oral communication skills.
- Effective task prioritisation in high-pressure environments.