Information Security Officer - Buna Information Security Officer - Buna …

Arab Monetary Fund
in Abu Dhabi, Vereinigte Arabische Emirate
Festanstellung, Vollzeit
Letzte Bewerbung, 24 Sep 21
Arab Monetary Fund
in Abu Dhabi, Vereinigte Arabische Emirate
Festanstellung, Vollzeit
Letzte Bewerbung, 24 Sep 21
Gepostet von:
Mohamed Moniem • Recruiter
Gepostet von:
Mohamed Moniem
As the implementation phase of Buna, formerly known as the Arab Regional Payment System (ARPS), project picks up momentum, we are looking for a responsible Information Security Officer- Buna to join our founding team. Duties of the Information Security Officer include developing and managing Buna’s information security policies & strategy to protect Buna from security threats and cyber-attacks. The job holder is also responsible for ensuring operational compliance with all standards and regulations and driving business continuity. This position will report to the Chief Risk & Compliance Officer.

In this context, the following sections detail the main qualifications, skills and responsibilities related to this position:

Job Responsibilities

Cyber Security Policies and Procedures Development

  • Develop and monitor a strategic, comprehensive enterprise information / cyber security risk management program (including strategy, policies, standards, processes, and guidelines) to ensure protection of Buna digital and data assets
  • Create, maintain and publish up-to-date information security policies, standards and guidelines
  • Ensure cyber security policies, procedures and best practices are communicated across the organization

Security Operations Implementation

  • Implement and lead the strategy for managing and reporting security incidents and oversee investigations of reported security breaches
  • Identify, manage, and minimize information security risks, and provide relevant and timely reports that drive business decisions
  • Ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats
  • Identify, introduce and implement appropriate procedures to test technical safeguards on a regular basis
  • Oversee the development and implementation of appropriate and effective controls to mitigate identified threats and risks
  • Align the security and enterprise (reference) architectures, ensuring security requirements are implicit in these architectures
  • Manage the daily operations for InfoSec architecture, engineering, operations center, secure development lifecycle, and governance functions across on-premise, hybrid cloud, and cloud capabilities

Information Security Program Management

  • Report regularly on current status of the information security program
  • Keep abreast of latest cybersecurity technologies and innovations
  • Create and manage a targeted information security awareness training program
  • Manage InfoSec vendor relationships and optimizing value from these relationships
  • Research, investigate and implement measures that address data security risks and potential losses

Identity and Access Management

  • Monitor and maintain application user access across the IT portfolio
  • Maintain on time on-boarding and off-boarding for identified IT environments

Cybersecurity Incident Mitigation

  • Follow-up on detected security issues and implement solutions to mitigate risks
  • Oversee threat monitoring activities, take preventive actions and advise relevant stakeholders on the appropriate course of action and response to such threats
  • Own the cybersecurity incident and vulnerability management processes from design to implementation

Threat Analysis and Monitoring

  • Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters

Qualifications and Skills

Experience & Education

  • 10+ years of experience in IT, with at least 5+ years in Information Security, preferably in banking
  • Prior experience developing and maintaining an information security program
  • Experience with information security frameworks
  • Graduate degree from a reputable university preferably in computer science or any related field
  • Relevant security certifications (CISA, CISM, CERT, CISSP, GSEC, CCSP, GIAS, CEH or OCSP) are preferred


  • Knowledge of information security frameworks, cyber security policies and procedures, statutory and regulatory compliance, security operations, cybersecurity incident response, identity and access management and further threat analysis and monitoring
  • Excellent communication skills (oral and written) with ability to effectively communicate by telephone, face to face, email and written
  • Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint)
  • Excellent organization and time management skills, and ability to work on own initiative, accurately to tight deadlines, and to prioritize between conflicting demands
  • Ability to handle multiple tasks with tight deadlines simultaneously
  • Effective team player and excellent relationship building skills with ability to demonstrate a high level of discretion and positive attitude with all internal and external stakeholders
  • Ability to maintain the highest level of confidential/sensitive information and professionalism
  • Flexibility and readiness to work beyond regular working hours and as required


  • Fluent in English & Arabic
Arab Monetary Fund logo
Ähnliche Jobangebote
Mehr Jobangebote ansehen