Information Security Manager

Michael Page
Dubai
AED 200,000 - 400,000
Job description

Roles and Responsibilities

  • Develop and manage a comprehensive security program focused on securing infrastructure, products, and customer data.
  • Oversee the development and enforcement of security policies, incident management processes, and risk mitigation strategies.
  • Collaborate with development teams to integrate security into each phase of the software development lifecycle. Ensure code reviews, secure coding practices, and vulnerability scanning are executed.
  • Ensure robust security measures are implemented to protect IT infrastructure, including data centers, customer-hosted systems, and internal environments.
  • Lead regular penetration testing, vulnerability assessments, and remediation efforts across all systems, collaborating with development and IT teams to ensure security posture.
  • Implement and manage encryption technologies and data protection patterns to safeguard sensitive information and ensure compliance with regulatory requirements.
  • Lead incident detection, response, containment, and forensic investigations. Proven ability to handle high-severity incidents and mitigate potential risks.
  • Conduct IT risk assessments, manage vendor risk, and implement security controls to mitigate vulnerabilities.

The Successful Applicant

  • 10+ years of experience in Information Security.
  • Strong technical background, with deep expertise in security architecture, penetration testing, and infrastructure security.
  • Extensive experience in the secure software development lifecycle (SDLC), including secure coding, vulnerability management, and code reviews.
  • Expertise in incident response, digital forensics, and malware containment.
  • Familiar with encryption, data protection patterns, and regulatory compliance.
  • Experience securing cloud environments (AWS/Azure) and financial systems like SWIFT.

Desired Candidate Profile

  1. Security Strategy Development: Creating and implementing a comprehensive information security strategy that aligns with organizational goals and risk management frameworks.

  2. Risk Assessment: Conducting regular assessments to identify vulnerabilities and potential threats to information systems and data.

  3. Policy and Procedure Development: Establishing and maintaining information security policies, standards, and procedures to guide the organization’s security practices.

  4. Incident Response Management: Leading the response to security incidents, including investigations, mitigation, and reporting to minimize impact.

  5. Compliance Management: Ensuring compliance with relevant regulations, such as GDPR, HIPAA, or PCI-DSS, and preparing for audits.

  6. Training and Awareness: Developing and delivering training programs to educate employees about information security best practices and policies.

  7. Monitoring and Reporting: Implementing security monitoring tools to detect and respond to threats, and generating reports for management on security status and incidents.

  8. Collaboration: Working closely with IT, legal, and compliance teams to ensure a coordinated approach to security.

  9. Vendor Management: Assessing and managing third-party vendors to ensure their security practices meet organizational standards.

  10. Continuous Improvement: Staying up-to-date with emerging security threats, trends, and technologies to enhance the organization’s security posture.

Key Skills:

  1. Technical Knowledge: Strong understanding of information security concepts, technologies, and best practices, including firewalls, intrusion detection systems, and encryption.

  2. Risk Management: Proficiency in risk assessment methodologies and the ability to prioritize security measures based on risk levels.

  3. Regulatory Knowledge: Familiarity with relevant laws and regulations governing data protection and privacy.

  4. Analytical Skills: Ability to analyze security incidents and data to identify trends and areas for improvement.

  5. Communication Skills: Excellent verbal and written communication skills to effectively convey security concepts to technical and non-technical audiences.

  6. Leadership: Strong leadership and team management skills to guide and motivate a security team.

  7. Problem-Solving: Ability to quickly assess situations and develop effective responses to security threats.

  8. Project Management: Skills in managing security projects, including planning, execution, and reporting.

Get a free, confidential resume review.
Select file or drag and drop it
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new Information Security Manager jobs in Dubai