IT Security and Compliance Officer

The security compliance officers role is to ensure the secure operation of the B&S information assets in accordance with our internal processes procedures and compliance requirements as per the relevant ISO standards regulatory frameworks applicable to B&S and industry best practices.

• Oversee and improve the information security programs including data protection risk management compliance and information security testing.
• Establish information security audit policies and procedures relevant to CMMC SOC2 ISO 27001 ISO 22301 ISO 38500 PCIDSS.
• Develop implement and maintain internal ITSC audit policies and procedures in accordance with local and international best practices.
• Conduct scheduled audits on information assets and processes as required in order to maintain certifications and compliance certificates.
• Evaluate compliance of B&S processes procedures systems and applications against the requirements of ISO 27001 ISO 22301 ISO 38500 PCIDSS CMMC and industry best practices.
• Monitor advancements in information security and privacy laws to ensure organizational adaptation and compliance.
• Prepare audit reports required for senior management regulators and other relevant stakeholders.
• Assist with initiatives relevant to compliance certification and regulatory bodies.
• Review all new products systems or processes to ensure compliance againstrequired standards frameworks and best practices.
• Deploy manage and maintain security audit platforms.
• Collaborate with the IT Risk & Threat Analyst and Cybersecurity Analyst to ensure threats and vulnerabilities are promptly identified and communicated to relevant business stakeholders for remediation.

• Develop internal audit policies and procedures in accordance with local and international best practices
• Conduct internal audits as per the internal ITSC audit schedule and framework
• Evaluate compliance of B&S processes procedures systems and applications against the requirements of B&S certification initiatives
• Deliver audit reports/findings and status of the remediation of audit findings to stakeholders
• Propose continuous service improvements based on audit findings

• Bachelors degree in Computer with IT audit or compliance experience
• 5 years of IT experience with a focus on security and compliance
• Knowledge and understanding of ISO 27k PCIDSS GDPR NIST ISO Certifications and SOC2 information security standards and/or frameworks
• Experience writing policies procedures and controls in one or more standards/frameworks
• Knowledge of computer networking concepts and protocols and network security methodologies
• Knowledge of risk management processes cyber threats and vulnerabilities
• Experience with risk management in both a compliance and security context
• Ability to work in a fastpaced environment and the skills to deal with ambiguity
• Ability to handle multiple competing priorities
• Highlevel of attention to detail and be a selfstarter with the ability to work independently multi task and adjust to shifting priorities
• Professional information security certifications like ISO 27001 CISA CISM or other relevant securityrelated designations would be an advantage

• Competitive salary fitting with your experience along withdiscretionary annual performancebased bonus
• Company sponsored visa along with health insurance
• Leave benefits as per UAE labour law
• Annual return airticket to your home country
• Opportunity for professional growth and development
• Dynamic and collaborative work environment
• Being a part of leading International trading company with global presence

No

Fulltime