Analyst, IT Security | Borouge
A well-known and well-reputed company based in Abu Dhabi, United Arab Emirates, is looking for an experienced, skilled, competent, mature, qualified, creative, and intelligent candidate with significant knowledge and relevant working experience for the position of “Analyst, IT Security”.
Company Name | Borouge – Abu Dhabi |
Qualification | BSc Degree (IT) | CCNA | CISSP | CISM | CISA |
Experience | 8 – 9 years of Relevant Experience Required |
Monthly Salary | 8,500 AED – 10,500 AED |
Employment Type | Full Time | Permanent |
Company Size | 50-100 Employees |
Benefits | Medical Insurance |
Location | Abu Dhabi |
Job Purpose:
Maintain and implement the Information Security Management System and IT Risk management initiatives across the IT infrastructure and monitor corporate-wide compliance with Information Security policies, procedures, and guidelines to ensure the effectiveness of the company’s Information Security and Risk Management Programs.
Key Accountabilities:
Risk and Compliance Management
- Identify any potential areas of compliance vulnerability and risk in order to implement corrective action plans for resolution of problematic issues, and provide general guidance on measures to avoid or deal with similar situations in the future.
- Perform Risk assessment on the risks that could seriously impact IT services across enterprise IT infrastructure against the ISO 27001 standards and recommend the appropriate controls and risk plans and programs to mitigate the risk.
- Monitor and identify any new technology risks and threats and take proactive measures to protect the company’s computing and networking environments.
- Supervise and participate in the conduct of penetration testing to assess the vulnerabilities and weaknesses in the systems.
- Participate in the planning for the restoration of IT services to provide adequate backup and recovery mechanisms for unexpected contingencies.
- Track and analyze performance and security risk measures and use that information to continually improve Information security.
- Coordinate with various stakeholders, e.g. corporate compliance, internal audit, corporate risk management, and various IT technical teams, for the design and implementation of audit, risk assessment, and regulatory compliance practices for IT.
- Coordinate the internal and external audits and follow up the implementation of Audit recommendations with various IT sections to mitigate identified risks.
- Act as a technical Security advisor to observe and provide timely information about the latest threats, their applicability, and mitigation measures.
- Conduct forensic investigation and analysis, if required, to identify any actual or potential information security violations and risks.
Information Security Operations and Administration
- Provide input to the development of enterprise Information Security policies, standards, and best practices; monitor security profiles, review security violation reports, and investigate possible security exceptions to ensure information systems security is applied across the enterprise.
- Implement processes and methods for the purpose of auditing and addressing non-compliance issues to information security standards.
- Participate in the review of new information systems designs and major system modifications for compliance with information security policies and standards.
- Participate in the planning of security administration for the smooth implementation of all IT Projects.
- Participate in the planning and testing of the Contingency and Disaster Recovery activities to maintain service levels and ensure the continuous operation of the information services.
IT Audit
- Engage with external and internal auditors for compliance and audit programs.
IT Infrastructure
- Periodically assess the information assets and IT infrastructure to detect any vulnerabilities and potential attack risks.
IT Training and Development
- Ensure continuous awareness training and development among the IT staff and end-users throughout the organization.
Minimum Qualification:
- University Degree in Information Technology, Computer Science, Computer Engineering or equivalent.
Minimum Experience, Knowledge & skills:
- Should have a minimum of 8 years of work experience at a large-scale company.
- Awareness of ITIL processes like incident management and problem management is advisable.
- ITIL V3 foundation certification is preferred.
- In-depth knowledge of security support and security risk analysis, preferably ISO 27001, NESA, ISA99 Risk Management, in a corporate multi-location company.
Professional Certifications:
- Holding a professional certification in CISA, CISM, CISSP, CCNA would be a plus.