IT Security and Compliance Officer

The security compliance officer's role is to ensure the secure operation of the B&S information assets in accordance with our internal processes, procedures, and compliance requirements as per the relevant ISO standards, regulatory frameworks applicable to B&S, and industry best practices.

Key Responsibilities

• Oversee and improve the information security programs, including data protection, risk management, compliance, and information security testing.
• Establish information security audit policies and procedures relevant to CMMC, SOC2, ISO 27001, ISO 22301, ISO 38500, PCI-DSS.
• Develop, implement, and maintain internal ITSC audit policies and procedures in accordance with local and international best practices.
• Conduct scheduled audits on information assets and processes to maintain certifications and compliance certificates.
• Evaluate compliance of B&S processes, procedures, systems, and applications against ISO 27001, ISO 22301, ISO 38500, PCI-DSS, CMMC, and industry best practices.
• Monitor advancements in information security and privacy laws to ensure organizational adaptation and compliance.
• Prepare audit reports for senior management, regulators, and other stakeholders.
• Assist with initiatives related to compliance certification and regulatory bodies.
• Review new products, systems, or processes for compliance with relevant standards and frameworks.
• Manage and maintain security audit platforms.
• Collaborate with IT Risk & Threat Analysts and Cybersecurity Analysts to identify and communicate threats and vulnerabilities for remediation.
• Develop internal audit policies and procedures aligned with best practices.
• Conduct internal audits according to the internal ITSC schedule and framework.
• Evaluate compliance of processes, procedures, systems, and applications with B&S' certification initiatives.
• Deliver audit reports, findings, and remediation status to stakeholders.
• Propose improvements based on audit findings.

Qualifications

• Bachelor's degree in Computer Science or related field with IT audit or compliance experience.
• At least 5 years of IT experience focusing on security and compliance.
• Knowledge of ISO 27000 series, PCI-DSS, GDPR, NIST, ISO Certifications, and SOC-2 standards.
• Experience in writing policies, procedures, and controls for standards/frameworks.
• Understanding of computer networking, protocols, and network security methodologies.
• Knowledge of risk management, cyber threats, and vulnerabilities.
• Experience in risk management within compliance and security contexts.
• Ability to work in fast-paced environments, handle ambiguity, and manage multiple priorities.
• Strong attention to detail, self-motivated, and adaptable.
• Relevant certifications like ISO 27001, CISA, CISM are advantageous.

Additional Information

We offer you

• Competitive salary with performance-based bonus.
• Company-sponsored visa and health insurance.
• Leave benefits as per UAE labor law.
• Annual return airfare to your home country.
• Opportunities for professional growth and development.
• Dynamic and collaborative work environment.
• Part of a leading international trading company with a global presence.