Majid Al Futtaim invites you to join us in our quest to create great moments for everyone, everyday! We are the leading shopping mall, residential communities, retail and leisure pioneer across the Middle East, Africa and Asia, serving over 560 million visitors a year. For the past two decades, we have shaped the consumer landscape across the region, transforming the way people shop, live and play, while maintaining a strong sustainability track record and the largest mall in the world to attain LEED Gold EBOM Certification. We have over 40,000 team members in 15 international markets representing over 100 nationalities – all keeping the customer at the heart of everything we do. If you enjoy being BOLD, PASSIONATE and TOGETHER, then Majid Al Futtaim is the destination for you.
Role Purpose:
The Information Security & Compliance Lead is responsible for developing and executing the organization's cybersecurity operations strategy. This role involves overseeing a team of security professionals and coordinating efforts with multiple stakeholders to ensure that information assets are adequately protected. The role holder will design, implement, and operate a suite of security technologies to achieve the desired protection levels. Additionally, this position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.
This position requires a visionary leader with sound knowledge of business management and a deep understanding of cybersecurity principles, architecture, and technologies. The Information Security & Compliance Lead will proactively work with the business units and Head Office Data Protection Team to implement practices that meet defined policies and standards for information security, and will also oversee IT security operational activities across the Group.
The Information Security & Compliance Lead is the process owner of all activities related to ensuring the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security rules and principles. A key element of the role is implementing and maintaining a set of security controls to ensure the information risk is kept within the defined tolerance levels for the organization and ensure that information systems are maintained in a fully functional, secure mode.
Role Details – Key Responsibilities and Accountabilities:
The Information Security & Compliance Lead job is composed of a variety of responsibilities, including strategic, tactical, and operational activities in support of the overall organization’s strategy as follows:
Information Security Strategy, Planning and Governance
• Contribute to the development of the enterprise cybersecurity strategy
• Develop, implement and monitor a tactical plan for the execution of the enterprise cybersecurity strategy
• Facilitate information security governance through providing all the required input to the governance and oversight bodies
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems, IT operations, and services, including, but not limited to, cyber risk management, compliance and business continuity management
• Contribute to the development of enterprise information security policies, standards and guidelines, and own the development of policies and procedures related to the scope of duties
• Implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers
• Develop and manage information security budgets, and monitor them for variances
• Liaise with the enterprise architecture team and Holding security architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures
• Develop a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security
• Provide regular reporting on the current status of the information security program to the Holding data protection team, enterprise risk teams, senior business leaders and the audit risk committees (ARCs) of the board of directors as part of a strategic enterprise risk management program
• Take ownership of, maintain and update documented information security processes and procedures related to the full scope of responsibilities. This also includes defining cross-functional processes that have touchpoints with the information security function
Information Security Risk and Control Management:
• Work directly with the business units to facilitate information risk assessment and management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk
• Implement a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from company policies, global laws, standards and regulations
• Define and facilitate the information security risk assessment process in accordance with the enterprise risk management framework, including the reporting and oversight of treatment efforts to address risks beyond the defined risk appetite
• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings
• Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong security posture
Information Security Program & Operations Management
• Provide strategic cyber risk guidance for technology projects and operations, including the evaluation and recommendation of technical controls
• Coordinate information security and risk management projects with resources from the technology organization and business unit teams
• Lead the design, evaluation, selection, and implementation of security technologies and ensure these solutions continue to operate as expected and meet their control objectives on a continuous basis
• Liaise among the information security team and corporate compliance, audit, legal and human capital teams as required
• Manage response to security incidents and events to protect corporate technology assets, including intellectual property, regulated data and the company's reputation. The job holder is expected to be on call 24x7 to join the command centre in case of high-severity incidents needing prompt response actions
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
• Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources
• Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas
• Manage and monitor the performance of third-party vendors providing information security services
• Perform other related duties and fulfill responsibilities as required
Information Security Team & Talent Management
• Manage the enterprise's information security organization, consisting of direct reports and indirect reports (such as individuals in technology operations or managed service providers). This includes hiring, training, staff development, performance management and annual performance reviews
• Mentor and coach direct reports, ensuring success in their role and readiness for success in new roles within the information security function
• Conduct performance evaluations, development and succession planning for direct reports
• Develop self and others within the function through mentoring, training and engagement in talent development activities
Definition of Success
• Proven track record and experience in developing and establishing information security management system (ISMS) with supporting policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment
• Demonstrated ability to achieve measurable information security operational excellence
• Knowledge and understanding of relevant legal and regulatory requirements, such as Payment Card Industry Data Security Standard, NESA, DESC ISR
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT and NIST Cybersecurity
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
• Experience with contract and vendor negotiations and management including managed services
• Ability to build trusted relationships with stakeholders at all levels, and effective collaborations with other teams
Functional/Technical Competencies
Minimum Qualifications/Education/Experience
• A Bachelor's or Master's degree in computer science, engineering or technology-related field, or equivalent
• 10 to 15 years of experience in a combination of Information Security, Risk and Compliance, and technology related jobs
• A minimum of 5 years’ experience in a significant Information Security leadership role
• Professional security management certification, such as a Certified Chief Information Security Officer (C|CISO), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials
• Program/Project management skills: financial/budget management, scheduling and resource management. A professional certification such as Project Management Professional (PMP) or other similar credentials is desired
• Experience in leading the implementation and operations of a wide range of security technologies such as EDR, PIM/PAM, CASB, DLP, VM, DAM, Deception, SAST/DAST, SIEM, etc.
• Experience in securing hybrid IT environments that include cloud as well as on-premises components
Personal Characteristics and Required Background:
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
• Poise and ability to act calmly and competently in high-pressure, high-stress situations
• High degree of initiative, dependability and ability to work with little supervision
• Must be a critical thinker, with strong problem-solving skills
DETAILS TO REGISTER FOR THIS JOB:
https://careers.majidalfuttaim.com/job/Info-Security&Compliance-Lead/969122801/