Head, Cyber Threat intelligence Section

JOB PURPOSE

Section Head, Group Cyber Threat Intelligence will lead a team of specialists and analysts who focus on analyzing and identifying threats, defining the impact on various business functions, and designing and communicating threat defense mechanisms to Digital Security Operations for implementation.

The role will be responsible for the overall management and governance of the Cyber Threat Intelligence program to improve resiliency and protect ADNOC's brand and reputation. Support ADNOC business plan to sustain through crisis events. Work in coordination with the Manager, DBCM & CTI to align the Group Cyber Threat Intelligence strategy and deliverables to ADNOC Group's corporate strategy and objectives.

KEY ACCOUNTABILITIES

1. Lead and deliver operational excellence with the Cybersecurity Threat Intelligence program, including developing a strategic roadmap to evolve the program.
2. Own the standard operating procedures relating to Cyber Threat Intelligence.
3. Monitor the effectiveness of the threat intelligence program through periodic meetings with the team members.
4. Capture the business requirements and set the agenda for the team to align with the business objectives.
5. Provide thought leadership to all areas of the organization regarding Cyber Threat Intelligence improving awareness.
6. Act as a key member of the organization's cybersecurity steering committee representing Cyber Threat Intelligence, sharing the vision, and negotiating the backing of the management team.
7. Lead threat and vulnerability research efforts.
8. Follow the trends across the globe in the interests of attackers and identify areas that may become targets.
9. Oversee preparation and recommendation of expenditure budgets for approval. Monitor spending for adherence to the budget and recommend variances as necessary.
10. Lead the maintenance of the Cyber Threat Intel Standards, procedures, criteria, and operating model.

Development and implementation of the Group IS Strategy

1. Participate in the development of all required Group IS strategies, including but not limited to: IS strategy, resources management strategy, services delivery strategy, engagement model development, etc.
2. Support and contribute to the implementation of Cyber Threat Intelligence program in relation to the overall ADNOC Group IS Strategy by establishing the domain specific reference models and artifacts.

Elaboration and implementation of the information security strategy

1. Define ADNOC Group level information security vision, mission, and principles relating to Cyber Threat Intelligence.
2. Identify the Company specific Cyber Threat Intelligence Security strategic goals, initiatives, objectives, and metrics consistent with corporate Digital & Cybersecurity strategic plan.
3. Facilitate business alignment and communications regarding Cyber Threat Intelligence matters by facilitating the formation of the required information security governance structures and mechanisms.
4. Work with other Company executives to prioritize security initiatives and spending based on appropriate risk management.
5. Make recommendations to business leaders / management to ensure alignment with current and future security standards and propose enhancements that will ensure the security and safeguard of ADNOC Group Digital & Cybersecurity infrastructure and applications portfolio.

Performance management framework development and implementation

1. Actively contribute to the development, implementation, and management of a comprehensive IS performance management program. Ensure the inclusion of relevant metrics to measure the efficiency and effectiveness the existing and future information security processes, controls, and programs.
2. Report on the information security performance metrics as part of the unit.
3. Support the implementation of the IS division performance reference model.

Additional Duties

1. Contribute toward and promote the protection of the ADNOC Group assets and corporate information against threats to their security by implementing the Information Security Policy and all other related rules, regulations, and guidelines.
2. Perform other related duties as assigned.

Management

1. Plan and supervise the activities of the personnel and resources of the Section to achieve the Department objectives in an efficient and cost-conscious manner while ensuring implementation of approved operational plans for the Section in line with Department objectives.
2. Develop the knowledge, competencies and innovative spirit in the Section and support the establishment of Personal Development Plans (PDP's), Succession Planning and Talent pipeline within the Section in coordination with the Human Capability Group to continuously develop employees with emphasis on UAE Nationals to meet Emiratization targets.

Budgets and Operational Plans

1. Compile and provide input for preparation of the Department budgets and regularly monitor expenditure against approved the Section budget levels.
2. Investigate, highlight, and reconcile any significant variances to ensure effective performance and cost control.

Policies, Systems, Processes & Procedures

1. Lead the implementation of approved Section policies, processes, systems, standards, procedures, and internal controls in order to support execution of the Department work programs in line with Company and International standards.

Performance Management

1. Implement the Company Performance Management System for individuals within the Section in accordance with Company approved guidelines and continuously monitor the achievement of the Section KPIs related to the approved Annual Performance Management Contract and the Balanced Score Card.

Organisation Structure and Development

1. Review, develop and recommend the appropriate organisation structure for the Section that will best utilise human capital while proactively incorporating sustainability into the on-going work practices to meet the business objectives.

Innovation and Continuous Improvement

1. Encourage innovation, enhance employee motivation, and support initiatives for implementation of Change Management to continuously improve operations and services.
2. Propose improvements in internal processes against best practices in pursuit of greater efficiency in line with ISO standards in order to define intelligent solutions for issues confronting the Section.

Health, Safety, Environment (HSE) and Sustainability

1. Support the institution of an HSE culture and ensure compliance with relevant HSE policies, procedures, systems & controls and applicable legislation and sustainability guidelines across the Section in line with international standards, best practices and ADNOC Code of Practices.
2. Ensure adequate HSE training and induction for all Section employees to meet HSE standards.

Management Information Systems (MIS) and Reports

1. Prepare all Section MIS and progress reports to provide accurate and timely reports and necessary information to Company Management to effectively manage the business.

COMMUNICATIONS & WORKING RELATIONSHIPS:

Internal

1. Regular contacts with ADNOC Group Digital & Cybersecurity Management Team across ADNOC Group on services delivery, services operations, services governance, and other related matters.
2. Frequent contacts with Programs / Projects Managers and Architects on matters related to roadmaps developments and projects and programs delivery.
3. Regular contacts with the counterparts in ADNOC Group Companies on Digital Strategy, Planning and Quality Assurance matters.

External

1. Frequent contacts with external auditors, local / international vendors, consultants, and IT professional organizations to facilitate quality and cost-effective service delivery.
2. Occasional contacts with counterparts in regional and international oil companies for exchange of information / benchmarking / study visits and other programs.
3. Regular contacts with local and international IT service providers on matters related to IT services and strategic directions.

QUALIFICATIONS, EXPERIENCE, KNOWLEDGE & SKILLS

Minimum Qualification

1. Bachelor's degree in Information Technology, Computer Science, or related technical discipline.

Minimum Experience & Knowledge & Skills

1. 12 years of experience in Cyber Threat Intelligence and Business Continuity Management including at least 6 years in positions of progressively increasing technical and managerial responsibilities.
2. Deep knowledge of security, data analysis, incident response, vulnerability management, penetration testing, and ethical hacking.
3. Analytical skills to identify data breaches or bad actors manipulating systems.

Professional Certifications - preferred

1. Security certifications such as CISSP, CISM, OSCP, GCTI, GCIH, GDAT, CHFI, CEH preferred.