Group Vice President - Cyber Audit
We are seeking to recruit on behalf of our client a GROUP VICE PRESIDENT FOR CYBER AUDIT based in DUBAI ON A LONG-TERM RESIDENTIAL CONTRACT.
Purpose:
As the Group Vice President for Cyber Audit, your primary purpose is to lead and oversee the development, implementation, and continuous improvement of a robust global independent cybersecurity assurance program within our organization. Your role is critical in providing independent oversight and assurance to senior management and stakeholders that our cybersecurity measures effectively protect the organization's digital assets and data. You will lead complex IT and cybersecurity audits, assessments, and penetration tests to evaluate the effectiveness of security controls; manage external auditors and consultants as necessary.
Duties:
• Establish and maintain a Cybersecurity Assurance Program that includes overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information.
• Deliver Cyber Assurance Program which includes complete IT Security and Cybersecurity related audits independently across all Group entities.
• Lead the Cyber Security Audit team to deliver the Cyber Security assurance program, addressing the highest risks and areas that matter the most for our business.
• Accountable for end-to-end cyber security audit program from risk identification, audit planning, scoping, execution reporting, and following up on closure of items.
• Continuously monitor and assess emerging threats and vulnerabilities and update Cyber Assurance Program accordingly.
• Project manage all Cyber Security Assurance work including directing, coordinating, reviewing, and reporting of the work of Security audit teams and providing expertise in all IT and Cyber Security related matters and audits.
• Conduct Cyber Security Audits using tools and or manual exploitation techniques, document, and present conclusions in a clear concise manner to business unit management and group senior management.
• Manage the Development, execution, and maintenance of comprehensive IT security audit work programs including common OS, network & database security, portals and application, internal and external penetration tests, configuration audits etc.
• Ensure regular IT Issues Follow up, IT Security Awareness campaign, and other Audit initiatives as required are conducted by the IT Security Audit team in line with GIA procedures manual.
• Promote and lead identifying and sharing IT security and general IT good practices that can be implemented within the Group and external entities.
• Advise HO, Regional and terminal IT on IT and IT Security trends and emerging risks.
• Perform other related duties as assigned.
Experience & Skill Qualifications:
• Computer Science Degree, preferably with specialization related to information security or cybersecurity.
• 2 or more IT security related / audit qualifications in good standing e.g., CISA, CISSP, CISM, CEH, CGEIT, OSCP.
• Proven leadership experience in global cybersecurity assurance roles.
• Deep knowledge of global cybersecurity principles, practices, and technologies.
• 10 to 15 years post qualification Cyber Security implementation and Audit experience including hands-on IT Security Testing experience including internal network vulnerability assessments and external penetration tests.
• Big 4 background beneficial.
• Developed and implemented a robust security assurance framework, ensuring alignment with industry standards and regulatory requirements.
• Led a team of cybersecurity professionals to perform comprehensive security assessments, including vulnerability scanning, penetration testing, and security audits.
• Conducting information security audit work which conforms to professional standards such as NIST, NIS, GDPR, CIS, COBIT, ISO 27001, ISR, NESA, GTAG, CIIPA and other standards applicable to Group entities.
• Industry experience in IT e.g., OS administration, network administration, firewall configurations and controls, IT security implementation, etc. is beneficial.
• Developing and delivering Cyber assurance in a large enterprise environment.
• Ability to analyze security risks from business unit level to organization-wide level.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
