Job Description:
Cyber Security Business Partner
Location: New Cairo, Egypt
Fixed term contract / Permanent
Full time (40 Hours)
We make health happen
Bupa Global is the international health insurance division of Bupa. We provide customers who want premium international coverage with products and services to access the healthcare they need anytime, around the world, whether at home or when studying, living, travelling or working abroad.
Bupa Global has offices around the world including London and Brighton (UK), Dublin (Europe), Miami (USA), Dubai (UAE, in partnership with OIC), Egypt and Hong Kong (China) as well as regional offices in mainland China, Singapore, the Dominican Republic, Bolivia, Panama, Guatemala and Ecuador.
The role
Bupa is seeking a Cyber Security Business Partner to take a leading role in protecting the confidentiality, integrity, and availability of Bupa Global’s information and data. This role will also ensure the security of Bupa’s infrastructure and applications, with a specific focus on operations in the Middle East
How you’ll help us make health happen:
Developing and maintaining effective professional relationships with Regulatory authorities to ensure Bupa maintains adherence to requirements.
To ensure appropriate Technology frameworks required of regulators are developed and maintained.
To ensure local GRC requirements for Bupa Global in the Middle East are managed, in liaison with the internal and external stakeholders so that effective communications on cyber security matters with respective Boards and local regulatory authorities is undertaken.
Collaborating across business and technology to establish and build strong, trusted, working relationships that support a culture of collaboration and engagement in all cyber security and technology risk matters.
Ensuring security services meet business demand, requirements and enable the secure delivery of innovation and change in line with industry best practice.
Providing risk-based, accurate guidance and support to operational and strategic change initiatives, BAU activity, projects, cyber security breach, vulnerability, and incident remediation plans.
Managing the on-going and periodic security risk assessments of third-party suppliers to ensure security standards and procedures meet expectations, policies, controls, and business need.
Maintain up-to-date awareness of emerging threats and cyber security trends, providing insights to inform the evolution of the MU cyber security strategy.
Support Information Security and technology risk considerations being suitably embedded in all technology strategy, design, planning, development, and operations.
Play a leading role in the ongoing development and evolution of positive Information Security and technology risk behaviours across Bupa Global in the Middle East.
Ensure the adoption of a culture that prioritises good customer and regulatory outcomes.
Drive a culture of continuous improvement that constantly seeks to improve customer outcomes, eliminate waste, and increase efficiency and productivity.
Create and manage a culture where others are encouraged to drive change and innovation while supporting them in the change.
Drive a culture of adaptability, agility, engagement, and responsiveness in times of uncertainty and ambiguity.
Integrate cyber security and technology risk considerations into ways of working across all business units including waterfall and agile methodologies as part of the change governance and operational risk frameworks
Key Skills / Qualifications needed for this role:
The role holder is expected to have the following qualification(s), skills and experience:
Fluency in the English language, spoken and written.
An ability to help translate technical materials form English to Arabic.
Experience in cyber security and technology risk within a large corporate environment, preferably in a regulated industry.
Experience in the design, operation, and governance of industry-standard security risk and control frameworks.
Good understanding of core cyber security and technology risk topics such as capacity planning, business continuity, cloud, cyber threat intelligence, encryption, access control, data loss protection, vulnerability management, security operations and security awareness training.
Excellent stakeholder management skills and the ability to demonstrate credibility, establish and maintain good relations and trust with your internal and external partners/stakeholders.
Knowledgeable in technical and governance disciplines of information security, risk, control, audit, and compliance.
Knowledgeable in the latest security tools, processes, and techniques.
Familiar with security technologies and an awareness of developments in the industry and understanding implications of new technologies.
Strong analytical and problem-solving skills, ability to work in a fast-paced environment and manage multiple priorities.
Experience in identifying opportunities for process improvement and optimisation within an organisation.
Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT, CIS, PCI DSS, OWASP and NIST CSF.
Expert knowledge of international and local regulatory requirements including that of the FRA in Egypt and other cyber and technology related laws and regulations in the Middle East.
A recognised security accreditation, such as CISSP, CISM, CRISC or a recognised Degree/ master’s qualification in Information Security and risk.
Time Type:
Job Area:
Locations: