About the job SECURITY RISK AND COMPLIANCE SPECIALIST
Job Description:
Develop and maintain information security procedures / guidelines.
Ensuring compliance to group policies, Standards, manuals, etc.
Provide support in the implementation, maintenance, and continuous improvement of the ISMS.
Work with stakeholders to identify risks, conduct risk assessments and develop risk mitigation strategies.
Conduct internal audits and coordinate external audits.
Analyse security incidents and provide recommendations for corrective actions.
Provide security training and awareness to employees.
Enforcement of data classification.
Ensuring compliance to regulatory standards and international standards.
Communicating with related stakeholders to fix vulnerabilities, address risks and compliance actions.
Keep abreast of industry developments, trends, and emerging threats in the field of information security.
Liaise with third-party vendors and stakeholders to ensure compliance with the ISMS.
Resources- minimum qualifications required:
Bachelors degree in information security, Computer Science, Electronics / Instrumentation Engineering or similar discipline/related field.
More than 10 years of experience in information security and ISMS/CSMS development and implementation with at least 5 years of experience in IT/OT Cybersecurity consultancy/Operation preferably in the oil and gas domain
Strong analytical and problem-solving skills.
Has worked on enterprise-wide projects within organizations with similar project scopes.
Excellent written and verbal communication skills in English
Ability to work independently and as part of a team.
Experience with security frameworks and standards (e.g., UAE IAS, ISA 62443, NIST, Shell DEP, ITIL etc.)
Professional security certifications such as GICSP, CISSP, CISM,CISA, ISA 62443 fundamentals or ISO 27001 Lead Implementer/Lead Auditor.
Content development and Fine tuning of use cases/correlation rules based on the relevant attacks and threat landscape of the OT network and Organization.
