JOB DESCRIPTION / ROLE
- Support the IT Governance Committee in the development of IT policies.
- Develop, update and test business continuity and disaster recovery protocols.
- Support the IT Governance Committee in performing periodic risk assessment; determining and implementing the action plan to mitigate the assessed risks.
- Support the IT Governance Committee in recommending best industry practices on latest IT tools and applications and its evaluation with respect to business needs.
- Maintain the completeness and accuracy of all digit assets (this includes hardware, software and accessories – e.g. routers, firewalls, etc.) and reconcile monthly the list with finance.
- Monitor data stored and processed within the digital assets and ensure that it is secure from external threats by following standard information security protocols.
- Monitor and enforce information security standards and technologies for all systems and infrastructure.
- Monitor user access in compliance with authorized user access rights and ensure privileged access is granted to appropriate users and restricted to appropriate functions.
- Monitor IT process controls and periodically test them to ensure its effectiveness.
- Monitor the health of IT infrastructure and applications independent of the third-party system administrator.
- Conduct quality control and auditing of databases to ensure database integrity, stability, and system availability.
- Perform vulnerability and networking scanning assessments and determine action plan for vulnerabilities identified.
- Monitor industry trends, evolving threats, vulnerabilities and control techniques.
- Support the IT Governance Committee in response to an IT incident; take ownership for the entire incident management cycle.
- Perform root cause analysis on all IT related issues logged with recommendations.
- Review third party system administrators’ contractual KPIs and report findings to IT Governance Committee.
- Responsible for ensuring awareness on Information Security of fellow employees and third-party vendors.
REQUIREMENTS
Candidates must have:
- Bachelor's or master’s Degree in IS/Computer Science or any IT related field of study.
- Proven IT security experience (3-5 years) and related certification(s) preferred. (e.g. CISSP, CISA, CRISC, CRMA, GCIA, GSEC, CCSP).
- Good working knowledge of Networking and Security Concepts, IT Governance, Risk and Compliance and Enterprise applications are required.
- Firm knowledge of multiple information security domains.
- Experience working in a fast-paced, highly collaborative environment, using research and analysis to support recommendations and opinions.
- Able to think risk – Must possess a risk-control mindset and passion for Information Technology.
- Quick learner.
- Team player.
- Should be proactive.
- Excellent communication skills.
- Has passion for cyber security, incident detection, network and systems security.
ABOUT THE COMPANY
BDO UAE is the Member Firm of BDO International with 64,300 people working out of over 1,400 offices worldwide.
At BDO UAE, we specialise in helping businesses, whether start-ups or multinationals, to achieve their goals. Through our own professional expertise and by working directly with organisations, we've developed a robust understanding of the factors that govern business growth. Our objective is to use this to help our clients maximise their potential.
We have a partner-led approach, which delivers the highest quality of service by using short, functional chains of communications to aid decision-making. Clients benefit from our fresh thinking, constructive challenge and practical understanding of the issues they face. Developing strong, personal relationships with our clients is at the forefront of our service approach at BDO UAE.
