Senior Analyst Information Security

aG Resources is looking for a Senior Analyst Information Security for our reputable client in Dubai.

Location: Dubai

Duration: 6 months contract renewable

General Responsibility:

Effective development and implementation of Information Security policies, procedures and controls covering all areas of assigned department activity so that all relevant procedural/legislative requirements are fulfilled with quality and within the defined timeline.

Identification of opportunities for continuous improvement and sustainability of systems, processes and practices considering global standards, productivity improvement and cost reduction. Day to day operations and requests with regards to the information security assurance.

Job Specific Responsibility

• Information Security Activities (Governance, Risk & Compliance):
• Develop, implement, and maintain the information security program of Company as per local and international standards and
• in alignment with Company vision and strategy.
• Develop and review information security policies and procedures according to the industry best practices and relevant
• standard requirements.
• Develop guidelines and procedures for various controls procedures according to the industry best practices and relevant
• standard requirements.
• Coordinate with Company stakeholders to ensure adequate implementation of information security controls and practices in
• accordance with Company information security policies.
• Manage day to day operations and requests with regards to the information security assurance.
• Establish and maintain a single framework to manage multiple management systems more efficiently under an Integrated
• Management System (IMS).
• Measure the effectiveness of the information security program and report progress to IMS Committee.
• Continually introduce improvements to IMS and information security program according to the results of effectiveness
• measurements and internal/external audit findings.
• Create and lead a security awareness program to provide awareness and trainings throughout the organization using
• different methods and techniques to increase the maturity level of company staff in information and cyber security awareness
• and practices.
• Analyze data privacy risks, develop and implement data privacy policies and procedures, monitor compliance, and
• conduct data privacy training for company’s staff.
• Periodically assess the maturity of people, processes and technology used to ensure safe and secure operation.
• Work closely with external regulators on the implementation of UAE Information Assurance Standard and report all
• related matters.
• Ensure possible measures so that contractors and third parties apply adequate security for the protection of sensitive information.
• Assess risks to information assets by looking for potential impacts that can happen and threaten the company and then plan for
• treatments to reduce these risks in alignment with Enterprise Risk Management policy.
• Ensure continuous compliance with regulatory and standard requirements of UAE Information Assurance Standard and
• ISO27001 through internal and external audit engagements.
• Management and maintenance of information security risk register.
• Conduct Information & cybersecurity awareness (digital & physical sessions)
• Conduct Access review covering all the company’s assets.
• Ensure that all reports are prepared timely and accurately and meeting company’s requirements, policies, and quality
• standards.

Qualification and Experience

• Certifications: ISO courses and certificates (27001)
• Good Understanding of local information security standards and the UAE’s regulatory environment
• Minimum 4-6 years of experience in information security in Financial Services (banking, Insurance, exchanges).
• Minimum 2 years of experience in implementation/maintenance/auditing of information security management (ISMS).
• Minimum 2 year of experience in incident management/incident handling, change management, risk management,
• vulnerability assessment and related topic(s)
• Advanced level of English (written and spoken)
• Arabic (written & spoken) skills preferred.

Additional Desired Skills: 

• Expertise in implementation, maintenance and Auditing of global standards ISO 22301:2019 as well UAE local standards
• like NCEMA.
• Establishing and oversee business continuity management system functions which include developing, reviewing and
• updating policies, procedures, processes including BCP / DRP.
• Coordinating BCP and DR periodic tests.