CISO
Full-time Job | IT & Telecoms | Abu Dhabi | Reference: 27257
ESSENTIAL TASKS AND RESPONSIBILITIES:
· Manage the implementation and achievement of cybersecurity objectives and goals.
· Support the development, allocation and utilization of cybersecurity budget and exercise expenditure controls where applicable.
· Advise the management on the entity’s risk levels, security posture, cost/benefit analysis of information security programs, policies, processes and systems.
· Lead and oversee information security budget, staffing, and contracting.
· Collect and maintain data needed to meet cybersecurity reporting requirements.
· Communicate the value of cybersecurity to stakeholders at all levels of the organization.
· Collaborate with stakeholders to establish the business continuity plan and ensure that cyber security requirements are integrated into it.
· Ensure that security improvement actions are evaluated, validated, and implemented as required.
· Ensure that protection and detection capabilities are acquired or developed using the IS security engineering approach and are consistent with organization-level cybersecurity architecture.
· Establish the overall enterprise information security architecture in alignment with the organization’s overall security strategy.
· Interpret and/or approve security requirements relative to the capabilities of new information technologies.
· Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the entity’s cybersecurity program.
· Manage the monitoring of information security data sources to maintain organizational situational awareness.
· Manage threat or target analysis of cyber defense information and production of threat information within the entity.
· Monitor and evaluate the effectiveness of the entity’s cybersecurity safeguards to ensure that they provide the intended level of protection.
· Oversee the cyber security training and awareness program.
· Develop and apply an appropriate Risk Management Strategy.
· Participate in the periodic risk assessments during the Security Assessment and Authorization process.
· Recognize a possible security violation and take appropriate action to report the incident, as required.
· Recommend policy and coordinate review and approval.
· Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
· Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
· Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
· Oversee policy and standards and implementation strategies to ensure procedures and guidelines comply with cyber security policies.
· Establish an appropriate security governance structure, models and program, and oversee Risk Governance process.
· Continuously validate the entity’s compliance against policies/guidelines/procedures/regulations/laws.