Information Security Consultant United Al Saqer Group UAE

United Al Saqer Group UAE (UASG) is presently hiring for the job position of an Information Security Consultant. This job has recently been posted by company’s career page and is now open for all interested candidates.

Responsibilities of Information Security Consultant

• Reviews information systems for compliance with legislation and specifies any required changes.
• Responsible for ensuring compliance with organizational policies and procedures and overall information management strategy.
• Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls.
• Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems.
• Investigates suspected attacks and manages security incidents.
• Uses forensics where appropriate.
• Interprets information assurance and security policies and applies these in order to manage risks.
• Uses testing to support information assurance.
• Contributes to the development of policies, standards and guidelines.
• Maintains knowledge of specific specialisms, provides detailed advice regarding their application and executes specialized tasks.
• Clearly articulates, and formally reports potential risks and benefits from both structural and incremental change.
• Encourages and motivates colleagues to share creative ideas and learn from failures.
• Carries out risk assessment within a defined functional or technical area of business.
• Uses consistent processes for identifying potential risk events, Conflicts, quantifying and documenting the probability of occurrence and the impact on the business.
• Refers to domain experts for guidance on specialized areas of risk, such as architecture and environment.
• Co-ordinates the development of countermeasures and contingency plans.
• Maintains awareness of opportunities provided by new technology to address security challenges or to enable new ways of working.
• Within sphere of influence, works to further organizational goals, by the study and use of emerging technologies and products.
• Contributes to briefings and presentations about their relevance and potential value to the organization.
• Provides input to the service continuity planning process and implements resulting plans.
• Assists in providing accessibility, retrievability, security and protection of data in an ethical manner.

What You’ll Do More?

• Ensures that security records are accurate and complete and that request for support are dealt with according to set standards and procedures.
• Promotes and ensures use of appropriate techniques, methodologies and tools.
• Monitors the application and compliance of security administration procedures and reviews information systems for actual or potential breaches in security.
• Ensures that all identified breaches in security are promptly and thoroughly investigated and that any system changes required to maintain security are implemented.
• Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.
• Coordinates and manages planning of penetration tests, within a defined area of business activity.
• Delivers objective insights into the existence of vulnerabilities, the effectiveness of defenses and mitigating controls both those already in place and those planned for future implementation.
• Takes responsibility for integrity of testing activities and coordinates the execution of these activities.
• Provides authoritative advice and guidance on the planning and execution of vulnerability tests.
• Defines and communicates the test strategy.
• Manages all test processes, and contributes to corporate security testing standards.
• Diagnoses incidents according to agreed procedures within Info Sec domain.
• Investigates causes of incidents and seeks resolution.
• Escalates unresolved incidents.
• Documents and closes resolved incidents according to agreed procedures.

Eligibility Requirements

The eligibility requirements for role of Information Security Consultant are as under:

• Bachelor’s degree from an accredited college or university in Computer or Information Technology, Computer Science, Management Information Systems or other information technology or related fields.
• At least 5+ years of experience working in IT Security / Information Security and an overall IT experience of 8+ years.
• Experience with Technology Governance i.e. Creation of Policy, Standards, Guidelines & Procedures.
• Experience with Information Risk Management including Cloud and On Premise Resources.
• Experience of full-lifecycle implementation of ISO 27001.
• Experience with Technology Compliance i.e. regulatory compliance, ISO 27001, ISO 20000, ITIL V3, COBIT, CIS/NIST security baselines etc.
• Solid experience with enterprise level “Security Incident & Event Management” technology.
• Certification Advantage i.e. CISM,CISSP,CCSP,CEH. 

Skills Desired

• Solid knowledge of: malware, vulnerabilities, exploits, network forensics, packet analysis.
• Good understanding of IDS, IPS, Firewalls, Web Filtering technologies, ATP method.
• Understanding of Cloud and On Premise ERP applications and general business operations.
• Process Orientation and Optimization.
• Structured, analytical and result oriented approach.
• Networking & Interpersonal skills.
• Stress resistance, team orientation.
• Excellent communication skills.
• Team Management.

Security Manager Aramex UAE