Develop and implement department strategy following Daman strategy, set departmental and operational goals and initiate measures to reach goals and to improve department performance
Lead performance management process evaluating progress against departmental goals
Responsible for result-oriented management and development of people/resources, incl. provision of strong day-to-day leadership presence involving resource allocation, monitoring, reporting, and conducting regular staff meetings
Manage department expenditure and requirements, minding the impact on the financial budget
Foster organisational culture by establishing quality awareness and service orientation and complying and implementing processes such as Project and Change Management
Initiate, develop, implement and ensure adherence of policies and procedures
Promote the recruitment and development of UAE Nationals to contribute to Daman’s strategic goals
Department specific:
Create information security program in collaboration with all stakeholders such as Information Technology Services Leadership to build and maintain a multi-year cyber security roadmap for DAMAN
Lead the implementation, maintenance, enhancement, and documentation of DAMAN’s Information Security Program (e.g. System Security Plans (SSP), Business Impact Analysis and Assessment, Contingency Plan, Disaster Recovery, Continuity of Operations, etc.)
Develop, maintain, publish and oversee up-to-date security policies, standards and guidelines. Create, communicate and implement a risk-based process for vendor risk management, including assessment and treatment for risks that may result from partners, consultants and other service providers
Conduct Information Security Risk Assessment and coordinate audits on regular basis.
Recognise threats and vulnerabilities; identify information security issues and concerns
Develop and implement prioritised risk treatment plan to tackle identified information security issues and concerns
Evaluate and incorporate government requirements into Daman’s Information Security Programme, by reviewing, calculating impacts, NESA reporting progress and commenting on HAAD directives
Promote awareness of security issues, including developing and conducting Information Security Awareness Training
Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security incident, and provide direction, support and in-house consulting in these areas