Hamdan Bin Mohammed Smart University
The Information Security Manager is responsible for protecting the university’s computers, servers, network, applications, and data against information security threats, such as security breaches, computer viruses, cyber-attacks, etc. Suggests strategies, approaches, and tools necessary to ensure the confidentiality, integrity, and availability of university electronic data.
- Develop and direct the implementation of information security standards and best practices.
- Continuously review, implement and maintain effective security policies, procedures, and practices.
- Develop and assure the implementation of different types of internal AI & Technology division (AIT) audits and assessment activities to ensure continuous improvement within AIT.
- Regularly review AIT compliance with relevant information security policies, procedures, laws, and regulations, and alert Vice Chancellor for AIT (VCAIT) to any non-compliance findings together with the recommended action plans.
- Analyze information security logs for security violations and anomalies, collect incident responses, and carry out forensic investigations when required.
- Conduct penetration testing activities including network penetration testing, web application penetration testing, wireless penetration testing, and communicate the findings with the mitigation procedures to VCAIT.
- Ensure proper protective and/or corrective measures are taken when an information security incident or vulnerability is discovered within a system or application.
- Implement controls for the execution of risk treatment plans and updates the risk register.
- Ensure the AIT continued compliance and certification for ISO 27001. Be the focal point for AIT for internal and external audits.
- Perform information security-related awareness sessions for university stakeholders, as necessary.
- 5 years of relevant IT experience including 3 years of experience in a management position.
- Bachelor’s degree in computer science or computer engineering from an accredited university. Master’s degree is an advantage.
- Information security certificates (CISSP and CISM).
- AWS native services, especially as related to security and infrastructure.
- Network technologies (protocols, design concepts, access control).
- Security technologies (encryption, data protection, design, privilege access).
- Information security standards and frameworks such as ISMS.
- Interpersonal and communication skills .
- Ability to work effectively with a wide range of constituencies in a diverse community.
- Analytical and problem-solving abilities to identify and fix security risks.
- Ability to lead and execute an audit throughout the end to end process.
- Ability to plan, organize, lead and control.
- Ability to deal with complex issues.
- Ability to gather data, compile information and prepare reports.
- Ability to develop, plan, and implement short- and long-range goals.
- Excellent communication skills in English language; Arabic language is an advantage.