Head IT Infra & Security IFFCO UAE

IFFCO is currently looking to hire qualified candidates for the role of a Head IT Infra & Security in Dubai. This position requires an individual with sound knowledge of business management and hands-on experience in various aspects of information security. The successful candidate will be responsible for establishing and maintaining a groupwide information security management program to ensure that information assets are adequately protected. The role holder will also be responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the enterprise risk management.

 Responsibilities of A Head IT & Infra Security

• Develop, implement and monitor a strategic, comprehensive enterprise information security and support risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization
• Develop, maintain and publish up-to-date information security policies, standards and guidelines.
• Oversee the approval, training, and dissemination of security policies and practices.
• Liaise with the Infrastructure and Application teams to ensure alignment between the security and enterprise IT application’s architecture, thus coordinating the strategic planning implicit in these architectures.
• Create and manage information security and cyber risk management awareness training programs for all employees, contractors and approved system users.
• Develop a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
• Provide regular reporting on the current status of the information security program and ITGC controls to enterprise risk teams, senior business leaders.
• Provide Third-party risk assessments for various IT vendors and Products, and issue security schedules.
• Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
• Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture.
• Provide strategic cyber risk guidance for technology projects, including the evaluation and recommendation of technical controls.

What You’ll Do More

• Liaise among the information security team and corporate compliance, audit, legal and human capital teams as required.
• Manage security incidents and events to protect corporate technology assets, including intellectual property, regulated data and the company’s reputation.
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
• Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
• Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals.
• Provide direction, support and in-house consulting in these areas.
• Mentor and coach direct reports ensuring success in their role and readiness for success into new roles within the information security function
• Manage the enterprise’s information security organization, consisting of direct reports and indirect reports (such as individuals in technology operations or managed service providers). This includes hiring, training, staff development, performance management and annual performance reviews.
• Develop self and others within the function through mentoring, training and engagement in talent development activities.

Requirements for Role of A Head IT Infra & Security

The eligibility requirements for role A Head IT Infra & Security are as under:

• Bachelors Degree required. Master’s Degree is preferred.
• IT Risk & Security Certification or similar preferred – e.g. CISA, CISM, CISSP, PCIP.
• A minimum of 12 years of professional IT Risk and Security related experience.
• Expertise and experience in implementing & monitoring Information Security controls, practices and technology for multiple levels within an organization, cascade, and plan Training sessions as and when needed.
• Cloud security experience, Azure security certifications is added advantage
• SOC/Security Incident Management experience, CISM/Similar certification is added advantage.
• Network security experience, Firewalls, IPS log analysis.
• Data Security experience AIP, CASB, DLP, Intune etc.
• Preventive/Detective security tools, SIEM, xDR, EDR etc.
• Experienced in handling internal and external audits and IT General Controls.
• Microsoft Azure and AWS Cloud Infra security expertise.

Knowledge & Skills Desired

• Knowledge and expertise in Cisco, Checkpoint Firewalls, Fortinet and Cloud based internet access and web filtering, Web application Firewalls, DMZ, End user desktop/laptop/handheld devices security.
• Knowledge of security setup in SAP, Oracle, Windows and Linux systems.
• Business Acumen.
• End user Computing environment.
• IT Architecture (Infra and Application).
• IT Budget and cost control.
• Knowledge of Corporate Governance Practices.
• Leading and Managing Change.
• Ownership and Accountability.
• Self and Team Management.

Project Manager IFFCO UAE