Manager Information Security Full-time Job

Responsibilities

Day to Day Operations

Identify best practices in information security policies, processes and standards and recommend their adoption, when applicable, across Core42.

Ensure continuous engagement with information security regulators to keep up to date with the latest information security regulations.

Update and maintain information security standards and make necessary modifications to existing information security management systems.

Provide relevant security architecture services to different departments across the Injazat ecosystem.

Develop strong information security operations and risk management policies to facilitate compliance with industry regulations.

Enforce security policies to provide direction and support for protecting data and assets in accordance with Core42’s needs.

Ensure the implementation of security audits and system vulnerability tests across Core42.

Monitor and manage data security profiles by reviewing security violation reports and ensuring application of security policies and procedures.

Inspect IT infrastructure installations (help desk, service maintenance, service management, network and communications, systems and database/data centre) to ensure adherence with Core42, as well as external, guidelines and standards.

Coordinate with information security risk management to identify potential threats to business continuity due to non-compliance with policies and standards.

Oversee the review of user access rules to balance security needs with ease of use in accordance with job related requirements and security policies & guidelines.

Ensure information security audit systems and scheduled audits are applied to ensure compliance with standards and regulations.

Review and analyze reports on compliance actions against information security regulations and policies.

Oversee and analyze trainings conducted on compliance security policies across Core42.

Ensure that the processes used in security control (preventative, detective, and corrective) are in full compliance with established security standards and policies.

The candidate should have a good understanding of MS Azure cyber security controls and concepts.

Understanding the basic concepts of cloud computing, including service models (IaaS, PaaS, SaaS), deployment models (public, private, hybrid), and cloud architecture principles. Understanding of cloud technologies with security best practices, access and identity, protecting data and applications, as a desired qualification.

Azure Platform Knowledge: In-depth understanding of Azure services, features, and capabilities relevant to governance, compliance, and risk management.

Risk Management Frameworks: Proficiency in risk management frameworks such as NIST RMF (Risk Management Framework), ISO 31000, and COSO, and their application in cloud environments.

Security Controls and Best Practices: Knowledge of security controls, best practices, and methodologies for securing cloud infrastructure, data, and applications.

Experience with the Cloud Security Alliance's Cloud Controls Matrix (CCM), development & governance and compliance framework as desired qualifications.

Knowledge of cloud governance best practices, including resource tagging, cost management, compliance reporting, and resource optimization.

Risk Assessment and Management: Ability to conduct risk assessments, identify security vulnerabilities, prioritize remediation efforts, and implement risk management strategies.

Proficiency in documenting security configurations, generating compliance reports, and communicating security posture to stakeholders.

Continuous Learning and Adaptation: Given the dynamic nature of cloud security and compliance, a willingness to continuously learn about new threats and vulnerabilities.

Policies, Processes & Procedures

Recommend improvements and contribute to the implementation of procedures & controls so that all relevant procedural requirements are fulfilled while delivering the highest quality of service to customers.

Security Standards and Reports

Prepare security compliance standards and reports to meet the department’s and Core42’s requirements, policies, and standards.

Qualifications

Minimum Qualifications:

Bachelor’s Degree in Computer Science, Information Technology, Engineering or related fields

Minimum Experience

Minimum 12 years of experience in systems security, data security audits and enterprise resource information

At least 6 years of experience in business continuity protocols, risk and governance managemen

Core42, a G42 company, is a full-spectrum AI enablement solutions provider. Being at the core of the G42 ecosystem, Core42 serves as a trusted partner who innovates and implements at speed and scale. Building on our global partnerships and comprehensive set of capabilities across cloud, cybersecurity, AI & data, and digital services, our purpose is to accelerate what people, enterprises and nations can achieve with AI.