Chief Information Securiy Officer

Job description / Role

An Abu Dhabi based Crypto Exchange is seeking to recruit an experienced CISO.

Role summary
The Chief Information Security Officer (“CISO”) will direct strategy, operations and budget for the purpose of protecting the enterprise information assets. The scope of responsibility will include managing the Security team, internal and external communications regarding security applicable policies and procedures, applications and infrastructure.

Key responsibilities
• Develop Enterprise wide Security Programs;
• Managing and Training the Security Staff team;
• Monitor Threats and Take Preventive Measures;
• Ensure that disaster recovery and business continuity plans are in place and tested;
• Review and approve security policies, controls and cyber incident response planning;
• Approve identity and access policies;
• Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
• Maintain a current understanding the IT threat landscape for the industry;
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services;
• Ensure compliance with the changing laws and applicable regulations;
• Translate that knowledge to identification of risks and actionable plans to protect the business;
• Schedule periodic security audits;
• Oversee identity and access management;
• Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;
• Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;
• Provide training and mentoring to security team members;
• Constantly update the cyber security strategy to leverage new technology and threat information;
• Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget; and
• Communicate best practices and risks to all parts of the business, outside IT.

Requirements

The ideal candidate will have the following

Qualification, experience and skills

Education
• Degree in business administration or a technology-related field required; and
• A professional security management certification.

Experience
• Minimum 8 years’ experience in either risk management, information security or IT.

Skills
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST, Nasdaq Smarts, BitGo and other blockchain best in market technologies;
• Excellent written and verbal communication skills and high level of personal integrity;
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams;
• Experience with contract and vendor negotiations and management including managed services;
• Specific experience in best in class development practices;
• Experience with Cloud computing across virtualized environments.

About the Company

Consisting only of Director level personnel, each with over 12 years' experience of working within the Gulf Region, we aim to alleviate all the issues and frustrations traditionally associated with using a Resourcing or external HR service. Each client and candidate is handpicked and dealt with by a Director personally thus ensuring that all parties get the level of service they expect. to: Consisting only of Director level personnel, each with over 12 years' experience of working within the Gulf Region, we aim to alleviate all the issues and frustrations traditionally associated with using a Resourcing or external HR service. Each client and candidate is handpicked and dealt with by a Director personally thus ensuring that all parties get the level of service they expect.