IT Security & Compliance Officer (ISO) Required (Saudi Arabia)
Industry: IT Support and Networking
Location: Saudi Arabia
This candidate will work under the guidance of the IT Head and will be responsible and accountable for IT Security and IT compliance of the company.
He shall be responsible for preparing the IT security policies and procedures in compliance with the regulatory requirements and ensure the security policies are applied throughout the IT Infrastructure.
Main Roles/Responsibilities:
Communications and Relationship: The ability to communicate to all the stake holders. Further he has the responsibility of creating security awareness among the organization staff and stake holders.
Risk and Control Assessment: To do the risk assessment of the information assets of the organization. He is expected to recommend controls in light of the value vs. threat vs. vulnerability vs. cost.
Threat and Vulnerability Management: A security officer is required to conduct periodic vulnerability assessment of the assets of the company. Further he is expected to analyze the logs of the various systems for initiating preventive measures.
Identity and Access Management: Ensure that process exist in the organization for the creation, modification, access privileges and deletion of User ID. Conduct review to assess that the access privileges are on the basis of need to know.
Apply proven, high level security management and analysis to enforce compliance with information security laws, rules and regulations.
Reduce security vulnerabilities, monitor, investigate and reports non compliance to the IT Head.
Prepare audit procedures and conduct security audits.
Identify foreseeable internal and external information security risks.
Perform risk and cost benefit analyses to determine appropriate levels of security controls and systems monitoring to ensure compliance with privacy and information security policies and procedures.
Propose new solutions (hardware / software) on a timely basis to prevent latest threats and intrusions.
Responsible for protecting the company’s intellectual property, customer’s information, virtual and physical network.
Qualification:
Bachelor’s degree or higher in Computer Science, Information Systems or a related fieldOne or more of the following certifications: CISSP (Certified Information Systems Security Professional), GIAC (Global Information Assurance Certificate), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor).One or more of the following Cisco Certifications: CCNA (Cisco Certified Network Associate)CCSP (Cisco Certified Security Professional)CCIE Security (Cisco Certified Internetwork Expert - Security)
Skills:
- Familiarity with current security policy compliance requirements such as FERPA, HIPAA, Sarbanes-Oxley, and Gramm-Leach-Bliley.
- Experience in the development and implementation of planning security policies, procedures, and/or safeguards.
- Extensive knowledge of security administration and computer security tools.
- Experience in retrieving, analyzing, reporting, addressing and/or tracking security intrusions and vulnerabilities.
- Knowledge of Financial Services policies and procedures as they relate to IT security issues.
- Experience on Cisco Routers, Switches, Firewall and other security hardware and software products.
Other Competencies:·
Excellent communication skills, organizational abilities and interpersonal skills. Ability to coordinate and supervise. Ability to present plans and proposals to executive management.
No. of Year Experience: 7+ years of experience in computing or related area with a focus on technology, management, policy and security.
Platforms: HP Unix, Windows Server.
Email this Job to a Friend
