Information Security Manager (Priority to UAE Nationals)

Description:

The Information Security Manager is responsible for protecting the university’s computers, servers, network, applications, and data against information security threats, such as security breaches, computer viruses, cyber-attacks, etc. Suggests strategies, approaches, and tools necessary to ensure the confidentiality, integrity, and availability of university electronic data.

Responsibilities

• Develop and direct the implementation of information security standards and best practices.
• Continuously review, implement and maintain effective security policies, procedures, and practices.
• Develop and assure the implementation of different types of internal AI & Technology division (AIT) audits and assessment activities to ensure continuous improvement within AIT.
• Regularly review AIT compliance with relevant information security policies, procedures, laws, and regulations, and alert Vice Chancellor for AIT (VCAIT) to any non-compliance findings together with the recommended action plans.
• Analyze information security logs for security violations and anomalies, collect incident responses, and carry out forensic investigations when required.
• Conduct penetration testing activities including network penetration testing, web application penetration testing, wireless penetration testing, and communicate the findings with the mitigation procedures to VCAIT.
• Ensure proper protective and/or corrective measures are taken when an information security incident or vulnerability is discovered within a system or application.
• Implement controls for the execution of risk treatment plans and updates the risk register.
• Ensure the AIT continued compliance and certification for ISO 27001. Be the focal point for AIT for internal and external audits.
• Perform information security-related awareness sessions for university stakeholders, as necessary.

Required qualification & skills

• 5 years of relevant IT experience including 3 years of experience in a management position.
• Bachelor’s degree in computer science or computer engineering from an accredited university. Master’s degree is an advantage.
• Information security certificates (CISSP and CISM).
• AWS native services, especially as related to security and infrastructure.
• Network technologies (protocols, design concepts, access control).
• Security technologies (encryption, data protection, design, privilege access).
• Information security standards and frameworks such as ISMS.
• Interpersonal and communication skills .
• Ability to work effectively with a wide range of constituencies in a diverse community.
• Analytical and problem-solving abilities to identify and fix security risks.
• Ability to lead and execute an audit throughout the end to end process.
• Ability to plan, organize, lead and control.
• Ability to deal with complex issues.
• Ability to gather data, compile information and prepare reports.
• Ability to develop, plan, and implement short- and long-range goals.
• Excellent communication skills in English language; Arabic language is an advantage.