Key Roles & Responsibilities:
Data Protection and Privacy:
• Data Sensitivity Management: Spearhead initiatives for identifying & classifying data, and applying appropriate controls based on data sensitivity.
• Data Loss Prevention: Implement and manage technologies like Proofpoint, devising strategies to safeguard against breaches.
• Insider Threat Mitigation: Actively manage internal threats to detect and reduce organizational risks.
• Policy implementation and Enforcement: Entrusted with implementing and upholding robust data security policies and standards throughout the company.
• Utilize Advanced Technical Measures: Implement a range of technical controls including encryption and masking, to safeguard sensitive data, ensuring robust protection against unauthorized access and data breacheds.
Incident Response:
• Incident Management: Lead incident response planning and execution, ensuring effective handling of data breaches.
• Cross-Functional Collaboration: Work with various teams to mitigate the impact of security incidents.
Data Privacy and Compliance:
• Comprehensive Privacy Assessments: Lead Privacy Impact Assessments to ensure compliance with data protection laws, analyzing how personal information is managed and mitigating potential risks.
• Policy Implementation and Vigilance: Enforce and regularly update data privacy policies across the organization, aligning with evolving legal standards and organizational needs.
• Monitoring and Training: Implement continuous monitoring and auditing processes to assess privacy controls, coupled with employee training programs to foster a culture of data privacy awareness.
• Cross-Functional Collaboration: Collaborate with various departments and engage with regulatory bodies to stay abreast of new regulations and integrate industry best practices into the organization’s privacy program.
Application Security:
• Secure Development Advocacy: Lead the adoption of secure coding practices to prevent application-level threats, integrating security from the outset of the software development lifecycle.
• Vulnerability Oversight: Conduct targeted testing and code reviews to uncover and fix vulnerabilities efficiently, using both automated tools and manual inspections.
• Security Throughout SDLC: Embed security measures at every SDLC stage, ensuring security is a core component of software development and deployment.
• Assured Secure Rollouts: Ensure robust security processes for new software rollouts and updates.
Cloud and SaaS Security Management
• Cloud Security: Develop and implement security measures for safeguarding data across all cloud environments, including IaaS, PaaS and SaaS models.
• SaaS Security Oversight: Ensure that all SaaS applications comply with established security policies, and work closely with vendors to maintain high security standards
• Security and Risk Management: Conduct regular reviews and risk assessments for cloud and SaaS environments, adapting to emerging threats and technological changes to continuously protect organizational data.
Assignments:
• Strategic Cybersecurity Projects: Engage in key projects, leveraging expertise to enhance the company's cybersecurity.
• Special Assignments: Undertake unique tasks to continually advance the cybersecurity strategy and roadmap.
Education & Professional Qualification:
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, computer engineering, or related field.
• Professional certifications in data protection and application security (e.g., CISSP, CISM) are preferred.
Professional Experience:
4-6 years of experience in a cybersecurity role with a focus on data protection and application security
Geographic Experience:
Experience in Middle East is preferred
Computer Skills:
Proficient in using cybersecurity and analytic tools, MS Office suite, and other relevant software.
Language Skills:
Fluent Business English
Arabic language is preferred
Market/Industry/Functional Knowledge:
Solid understanding of the cybersecurity landscape, particularly in data protection and application security.
Knowledge of the Offshore industry and related cybersecurity challenges is an asset.
Let our experts design a Professional CV for you.