Masdar is hiring a Senior Officer, Security & Governance

About the Role

Role details below.

Responsibilities

• Develop, implement and update periodically an advanced information security framework and strategy aligned with Zero Trust Architecture, regulatory requirements, and emerging threats.
• Provide support on governance and operational security matters to support the achievement of security objectives.
• Contribute to the establishment, implementation, review and continual improvement of the Information Security Management System (ISMS) in line with overall security objectives.
• Execute security policies, standards, procedures, and guidelines, in conjunction with the Security Committee.
• Assist in conducting investigations of significant security incidents and applying necessary resolutions.
• Ensure that information security policies and procedures are in place and adhered to.
• Ensure that security policies and procedures comply with relevant international standards, legal and regulatory requirements.
• Develop and maintain a risk management program that assesses and mitigates information security risks.
• Develop and maintain a security roadmap that outlines the implementation of the information security framework and strategy over time.
• Develop, enhance, and maintain an advanced incident management and threat intelligence program that proactively identifies, mitigates, and resolves security incidents using SIEM, SOAR, and AI-driven analytics.
• Ensure implementation and continuous improvement of ISMS governance structure in alignment with regulatory frameworks such as GDPR, NESA, NCA ECC, HIPAA, and PCI-DSS.
• Perform security risk analysis for Masdar, particularly with respect to level of cyber threats and external environment affecting IT infrastructure and Masdar as an Organization.
• Support on the process and documentations for incident escalation, performing incident investigation and closure and ensuring proper reporting.
• Conduct company-wide data classification assessment and security audits and contribute to remediation plans.
• Develop and deliver security training and awareness programs to ensure that employees understand their roles and responsibilities related to security governance.
• Develop and maintain incident response plans that outline the steps to be taken in the event of a security incident.
• Ensure that incident response plans are tested regularly to identify and address gaps and weaknesses.
• Ensure that incidents are logged and tracked through to resolution, and that post-incident reviews are conducted to identify opportunities for improvement.
• Provide regular updates to senior management on the status of incidents and the effectiveness of the incident management program.
• Develop and maintain incident management metrics and key performance indicators (KPIs) to measure the effectiveness of the incident management program.
• Monitor and report on incident trends and make recommendations for improvement to the incident management program.
• Ensure that incident management policies and procedures comply with relevant standards, legal and regulatory requirements.
• Provide incident management training and awareness programs to ensure that employees understand their roles and responsibilities related to incident management.
• Perform daily operations and activities related to security and governance in order to ensure the smooth flow of daily activities with minimal interruption to IT services and users.
• Lead the design, deployment, and management of the network security infrastructure.
• Design and build solutions to ensure s