Roles and Responsibilities:
Policies:
Assist and coordinate in the development and review of information security policies, standards and procedures.
Ensure policies comply with any external requirements.
Information Security Awareness:
Develop and conduct security awareness sessions and programs for IT Staff, End users and Contractors.
Participate in planning and content contribution for security awareness campaigns.
Information Security Incident Response
Participate in Information Security response plan development.
Participate in information security incident handling and response.
Perform analysis of Information Security incidents.
Recommend rectifications and provide lessons learned from incidents.
Risk assessment and Incident Prevention:
Participate in ongoing IT risk assessment activities.
Recommend new and assess current security controls.
Recommend methods for vulnerability detection and remediation.
Vulnerability Assessment and Penetration testing
Conduct periodic vulnerability assessment and penetration testing
Information security metrics/KPis
Develop, review and report for on Metrics and Key Performance indicators for information security.
Disaster Recovery and Business Continuity
Review disaster recovery plans and preparations and recommend improvements.
Review and report on results of disaster recovery drills
Knowledge Transfer
Work closely with KPC information security staff and transfer relevant information security knowledge.
Reports:
Assist in preparing information security reports for management and ISMS committee.
The Information security Officer shall produce summary reports on all activities on a monthly and quarterly basis to . The format and the detail shall be agreed between the two parties. The purpose is for assess whether the performance is being provided satisfactorily and that plans for continuous improvement are in effect.
Minimum Qualifications :
Established in 1980, Diyar has been, since more than thirty years, managing large and complex technology projects. Its high caliber and professional work force, its strategic alliances with leading technology companies, its focus on meeting client business objectives, its investment in technology initiatives that help the economy and society and its commitment to Total Quality Management, Occupational Health & Safety Management and Environmental Management makes Diyar an ideal partner for our client technology and service requirements. As leading IT Company in Kuwait, Diyar experience varies from strategic thinking, project management, business analysis and developing integrated service models suitable for any complex environment to ensure that the services are provided efficiently, professionally and within the service levels.