Specialist Information Security

Tabreed


Date: 1 day ago
City: Abu Dhabi
Contract type: Full time
Position Title: Specialist Information Security

Job Objective

This role requires a technical expert with broad experience architecting and implementing information security technology solutions in a large enterprise environment. They must be able to act as a technical leader to support talent development and the building of high-performance teams. An effective collaborator, the Cybersecurity Specialist will work closely with key stakeholders including the Sr. Network Engineer, Systems Architect, and other teams to implement effective business solutions. With deep and broad background in information security and related services, the successful candidate will also be current with emerging best practices and service trends, particularly all aspects of cloud computing.

  • Security systems development, testing, analysis, and implementation
  • System vulnerability assessment and management
  • Response to security threats, attacks, and similar events
  • Development of threat prevention strategies
  • Coordinate & conduct black/white box security assessments with industry standard security tools
  • Regular generation of reports for executives and administrators
  • Comply with Health, Safety and Environment Policies (mandatory for all)
  • Risk Management (mandatory; line manager discretion)
  • Work independently on technical issues and recommend design solutions.
  • Demonstrate a solid understanding of infrastructure, virtualization, cybersecurity standards, and operating procedures.
  • Collaborate with other members of the cybersecurity team to develop new protocols, layers of protection, and other both proactive and defensive systems that stay one step ahead of cyber criminals.
  • Maintain security guidelines, procedures, standards, and controls documentation
  • Maintain a working knowledge of current cybercrime tactics.
  • Lead the analysis of the current technology environment to detect critical deficiencies and recommend solutions for improvement Conduct incident response analyses; develop.
  • Participate in and lead design sessions with Finning personnel as well as external parties.
  • Consult on application or infrastructure development projects to harmonize systems or infrastructure.
  • Assist with designing the governance activities associated with ensuring compliance with Information Security Policies.
  • Monitor and ensuring compliance to standards, policies, and procedures.
  • Define high-level migration plans to address the gaps between the current and future state, typically in sync with the budgeting or other planning processes.

Key Accountabilities

 Description

  • Develop, support, and advance strategies, policies, programs, and projects designed to continually improve and enhance cyber and information security posture and resiliency
  • Oversee compliance with applicable laws, rules, and regulations related to cyber and information security
  • Work with the compliance team to establish policies/standards/guidelines to ensure systems record user activities and access to sensitive data in support of insider risk management
  • Develop and implement software security compliance program that takes a risk-based approach to ensure appropriate compliance to policies/standards/guidelines
  • Contribute to awareness and outreach efforts both internally and externally
  • Attend all regular, special, and emergency meetings regarding cyber and information security
  • Regularly review the operation of security controls and recommend changes designed to improve effectiveness and/or counter emerging risks
  • Make appropriate recommendations for security enhancements to the line manager or any external vendor providing services including tools, technologies, services, policies, procedures, and other areas as needed
  • Lead efforts to evaluate and select vendors for security assessments, penetration testing, and other similar security services
  • Direct and oversee the evaluation of security tools and make acquisition recommendations to the IT Security Manager
  • Manage budgets, maintain financial forecasts, develop, and present business cases
  • Establish objectives and milestones and manage activities to deliver high-quality results within budget and schedule
  • Other duties and obligations as assigned by the line manager
  • Work with multiple stakeholders to identify areas for cyber risk reduction on the IT Infrastructure and OT systems.
  • Lead the evaluation of the potential impact of implementing difference cyber risk reduction methods (i.e., cyber security controls) with in the IT infrastructure.
  • Act as the primary interface with the Tabreed stakeholders to architect the defensive model and implement cyber security controls across Tabreed IT & OT systems for desired risk reduction.

Assess Current State And Areas For Risk Reduction

  • Lead the conduct of a cyber-security self-assessment initiatives based on international standard, national standards, and state of practice.
  • Assess the Tabreed’s defensive strategy and the implementation of the cyber security program.
  • Pr ovide an evaluation on current milestone delivery and regulatory compliance.
  • Lead the development of a corrective action plan for achieving desired risk reduction and maturing program elements.

Risk Reduction Strategy Development

  • Lead the development of a risk reduction strategy for the protection of Tabreed critical systems and associated critical digital assets (CDAs).
  • Lead the development of a risk management strategy to include a cyber security control implementation strategy for effective and sustainable risk reduction.
  • Assist in establishing key performance indicators to monitor changes in cyber risk.
  • Communicates with senior leadership on cyber security strategic issues and current risks.
  • Act as a liaison with the UAE regulatory authority, to validate cyber security performance meets or exceeds regulatory expectations for protection against the design basis threat.

Leading Solutions Design

  • Leads the creation of deliverables related to design and analysis of technology solution to ensure that solution meet business and operation needs.
  • Design, Build, Implement and support an Enterprise-class security systems.
  • Design security architecture elements to mitigate threats as they emerge.
  • Create solutions that balance business requirements with information and cybersecurity requirements

Risk Management

  • Analyse current risks and identify potential risks in responsibility
  • Report the risk tailored to the relevant audience
  • Build risk awareness amongst team by providing support and training

Framework

  • Follow the international framework designed to standardize the selection, planning, delivery, and maintenance of IT services within a business

Technology Research

  • Strategic planning (medium and long term) based on company objectives to keep in line with new developments in IT
  • Research new technology to determine what would best support their organization in the future

Job Requirements

 Minimum Qualifications:

  • Bachelor’s degree holder in Computer Science/Engineering or equivalent Knowledge
  • Broad knowledge across all areas of the Technology Architecture domain including Cloud Computing (IaaS, PaaS, AWS, Azure etc.) Data Center, Data Storage Technologies, Virtualization, server platforms (Windows and Linux), Desktop, mobility solutions, systems monitoring/management, data protection, high availability/clustering, network (WAN/LAN/WLAN etc.), Security (Firewall, IDS/IPS, VPN etc.)
  • Strong proficiency in Incident Management and Response.
  • Experience in security device management and SIEM.
  • In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
  • Experience in threat management and threat intelligence.
  • Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring.
  • Ability to develop a comprehensive understanding of Finning’s business, market and industry and relate that knowledge to identified operations and IT-related risks
  • Familiar with the basic principles of organizational change management, and understanding of how to apply these principles
  • Ability to understand the long-term ("big picture") and short-term perspectives of situations
  • Ability to estimate the financial impact of risk mitigation alternatives
  • Ability to quickly comprehend the functions and capabilities of new technologies
  • Knowledge of many, if not most, aspects of information security architecture Understanding of network and enterprise architecture Certifications: CISSP or CISM , Network and security , Microsoft Azure Administrator Certification and Industrial Cybersecurity

Minimum Experience

  • Minimum 5 years’ experience in Information Technology (IT) & Operational Technology (OT) Cyber security
  • Hands-on experience running mission-critical cybersecurity operations
  • Proven experience building a service-oriented organization and driving or promoting a service delivery model
  • Exhibit excellent analytical skills and the ability to manage multiple projects under strict timelines as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Project management skills: financial/budget management, scheduling, and resource management
  • Experience with contract and vendor negotiations, and expertise in negotiating complex contracts and managing vendors, including design, and tracking of Service Level Agreements (SLAs)
  • High level of personal integrity as well as the ability to professionally handle confidential matters and to show an appropriate level of judgment and maturity
  • Self-starter, accountability, and the ability to work with little supervision
  • Limited travel to project sites
  • Due to nature of 24/7 operation may be required to work after hours or on weekend
  • Flexibility to work in shifts as required

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

QA Lead (m/f/d)

Halian, Abu Dhabi
10 hours ago
Key Responsibilities:Lead the QA team in planning, designing, and executing test strategies for healthcare applications. Oversee manual and automated testing efforts across mobile (iOS/Android) and web platforms. Define and maintain test plans, test cases, and test scripts for functional, regression, integration, and UAT testing. Ensure compliance with healthcare standards and regulations (e.g., HIPAA, HL7, FHIR). Collaborate with product managers, developers,...

Site Landscape Architect

GHD, Abu Dhabi
1 day ago
Job DescriptionWith more than 14000+ people around the globe, GHD is one of the world’s leading professional services companies operating in the global markets of water, energy and resources, environment, property and buildings, and transportation. Serving clients across five continents and the Pacific region, GHD people share a passion for exceeding the expectations of our clients and contributing to their...

HSE Inspector

Tabreed, Abu Dhabi
1 day ago
Position : EPPI HSE InspectorJob ObjectiveTo support, guide, and conduct inspections for the effective implementation and monitoring of the HSE Management System (HSE-MS) at EPPI, ensuring compliance with safety regulations and fostering a safe and sustainable work environment.Key Accountabilities HSE Inspection: ResponsibilitiesEnsures the effective implementation and monitoring of EPPI’s HSE management systems to maintain compliance with company policies and government...