ISO02/22
Kingdom of Bahrain
Investments
Full time
The candidate is expected to:
- Perform the duties assigned to an Information Security Officer for a leading fund investment company based in Bahrain.
- Develop, implement, and monitor a strategic, comprehensive company-wide Information Security and IT Risk Management program, plan and processes, covering Cyber Security Risk.
- Ensure the company has up-to-date, approved Information Security Risk Management and Cyber Security Risk Management policies and associated procedures.
- Develop and enhance the Information Security Framework.
- Evaluate the effectiveness of Information Security policies, procedures, standards, and guidelines, through periodic Risk Assessment.
- Provide training and awareness to the company’s staff on effective Information Security / Cyber Security Risk Management.
- Provide input to the overall business technology planning to ensure that proper security measures are being taken.
- Develop and manage Information Security budget and expenses.
- Ensure a continuous monitoring and reporting process for security incidents is in place.
- Report all identified security incidents / breaches.
- Plan and establish company-wide information security management systems (ISMS) in accordance with international standards and regulatory guidelines.
The candidate must have:
- Degree in Computer Science or technology-related field.
- Certification in CISSP, CISM or CIPP, CRISC, CSX, CGEIT, MCSE/A is preferred.
- Minimum of 8 years of experience in the cyber security field.
- Solid knowledge of various information security frameworks (e.g., NIST, ISO/IEC 27001).
- Experience in managing Data Privacy / PDPL, CBB and SAMA / CMA controls related to Information Security / Cyber Security and Business Continuity.
- Bahrain-based candidates are preferred.