https://bayt.page.link/iLXw2QK7f8k21U1R9
أنشئ تنبيهًا وظيفيًا للوظائف المشابهة

الوصف الوظيفي

Key Responsibilities:1. SDLC (Software Development Life Cycle)
AssuranceGovernance: Review and evaluate the company’s
SDLC processes, ensuring compliance with governance standards such as code
review, testing, and proper approvals before deployment.Security in SDLC: Ensure
security assessments (e.g., static and dynamic analysis) are integrated at each
phase of the SDLC, focusing on potential vulnerabilities.Agile and DevOps: Assess
the implementation of Agile and DevOps practices, ensuring they meet
compliance, governance, and risk management requirementsThird-Party Integrations: Evaluate
and ensure that third-party integrations (e.g., APIs, credit bureaus, identity
verification systems) are managed and secured in the development process.2. Release Management Release Process Assurance: Review
and assure release management processes, ensuring alignment with change control
policies, proper approvals, and adequate testing.Segregation of Duties: Ensure
the separation of duties between development, testing, and production access to
prevent unauthorized changes.Emergency Releases: Assess
the procedures for emergency releases and patches, ensuring adequate risk
mitigation and compliance with governance.3. Change Management Documentation and Tracking: Oversee
the process for documenting and tracking change requests, including code
changes, infrastructure updates, and software patches.Impact Assessment: Ensure
that each change request undergoes a thorough impact assessment, taking into
account security, compliance, and operational risks.Approval Workflows: Review
and manage change approval workflows, ensuring comprehensive risk mitigation
plans such as rollback strategies and pre-deployment testing4. Incident Management Incident Response Plan: Develop,
review, and continuously improve the company’s incident response plan, ensuring
rapid identification, communication, and resolution of incidents.Post-Incident Reviews: Ensure
the organization conducts root cause analysis and "lessons learned"
sessions after each incident to prevent recurrence.Metrics and Reporting: Manage
incident reporting processes, ensuring that incidents are reported to key
stakeholders in a timely manner and comply with regulatory requirements.5. Tech and Cybersecurity Risk
Assessments Risk Identification: Review
technology and cybersecurity risks, ensuring that vulnerability assessments and
penetration testing are conducted regularly. Threat Monitoring: Oversee
the company’s threat monitoring processes, ensuring the effective use of tools
such as SIEM (Security Information and Event Management). Vendor Risk Management: Ensure
proper risk assessments are conducted for third-party vendors, especially those
providing critical services (e.g., cloud services, identity verification).Cybersecurity Policies: Develop,
assess, and update cybersecurity policies to align with industry standards,
including data protection, encryption, and access control policies. 6. Resilience and Business Continuity Disaster Recovery: Review and
continuously improve the company’s disaster recovery plans, ensuring that
testing is conducted to prevent data loss and ensure minimal downtime.Backup Strategies: Assess the
organization’s data backup and redundancy strategies to ensure resilience
against cyber-attacks and operational failures.7. Governance and Reporting Risk Reporting: Oversee
the process of reporting technology and cybersecurity risks to senior
management and board members, ensuring they are aligned with the organization’s
strategic objectives. Key Risk Indicators (KRIs): Evaluate
the Key Risk Indicators (KRIs) and metrics used to measure and communicate
technology risks, ensuring they are relevant and actionable.RequirementsJob Title: Tech Risk Assurance ManagerJob Type: Outsourced, Full Time, On-Site, Long TermWork Location: Dubai (Dubai Media City), UAEBenefits:
Work Visa and Medical Insurance for self onlyJob
Summary:To oversee
and manage our client’s technology assurance, tech risk assessments, and
governance processes. This role involves evaluating the software development
life cycle (SDLC), ensuring compliance in release and change management
processes, and implementing effective incident management strategies. The ideal
candidate will have extensive experience in SDLC assurance, cybersecurity, risk
management, governance and should have worked on Tech risk frameworks before
and should be able to create a Tech risk assurance framework.Required Skills and Qualifications: Bachelor’s degree in Information Technology,
Computer Science, Engineering, or a related field.Professional certifications such as CISA, CISM, CISSP, CRISC are preferred.7-10 years of experience in IT risk
management, cybersecurity, technology assurance, or a related
field.Experience working in Big 4 consulting
firms or similar environments, with a focus on SDLC assurance, change
management, and incident management.Proven expertise in IT governance
frameworks such as COBIT, NIST, ISO 27001, ITIL,
and DevOps practices.Comprehensive understanding of SDLC
assurance processes, including security testing and governance.Hands-on experience with Agile and DevOps
frameworks for software development and deployment.Strong experience in cybersecurity risk
assessments, threat monitoring, and vendor risk management.Familiarity with release management tools and
practices for separation of duties and change control.Experience conducting disaster recovery
testing, backup assessments, and ensuring business continuity.Preferred Skills: Familiarity with CI/CD pipelines and
automation tools within the DevOps landscape.Experience with business continuity
planning, incident management frameworks, and emergency release
processes.Previous work in highly regulated
industries such as finance, healthcare, or government, dealing with
stringent compliance and risk management requirements.BenefitsWork
Visa and Medical Insurance for self only
لقد تجاوزت الحد الأقصى لعدد التنبيهات الوظيفية المسموح بإضافتها والذي يبلغ 15. يرجى حذف إحدى التنبيهات الوظيفية الحالية لإضافة تنبيه جديد
تم إنشاء تنبيه للوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.
تم إلغاء تفعيل تنبيه الوظائف المماثلة بنجاح. يمكنك إدارة التنبيهات عبر الذهاب إلى الإعدادات.