We are one of the largest insurance brokers in the UAE and looking to hire Information Security Manager as a home-position.

• The role will require a solid understanding of information security, security infrastructure and business security.
• You will work with key stakeholders to analyze, define and implement industry best practices in line with maintaining and improving the company's overall security.
• You will also oversee IT-related risk management activities and will translate risk requirements and constraints of the business into technical control requirements and specifications, as well as provide regular status updates to management.

Responsibilities:

• Design policies, guidelines and appropriate architectural principles to ensure the company's cyber security goals are met;
• Work closely with the executive team and IT stakeholders to ensure that appropriate security measures are implemented for ongoing and upcoming digital initiatives
• Provide reports to summarize risk assessment and security activities, including objectives, planning, methodology, results, analysis and recommendations
• Develop, plan and implement Information Security projects
• Identify opportunities for enhancing the company's security, ensuring minimal impact to BAU;
• Act as Data Protection Officer ensuring systems and the information within them adhere to company data security protocols
• Ensure the company has an effective data retention and archiving process in place for systems that hold company data

Requirements:

• Bachelor's degree or Masters in Information Security, Information Systems or Information Technology
• 5+ years experience in Information Security or equivalent, at least 2 years in supervisory role
• Preferred industry qualifications - CISSP / CISA / CRISC/ ISO 27001 LA Certification
• Understanding of information security principles and industry best practices (e.g., ISO27001)
• Good understanding of the security risks associated with commonly used information technology systems that handle company data and implementing controls (eg. SaaS, email services);
• Experience running detailed risk assessment audits to identify technology security weaknesses
• A good understanding of IT networking and access management concepts;
• Ability to present security topics to a non-technical audience and highlight the business value
• Excellent interpersonal skills with the ability to build and influence teams