Information Security Manager & Security Control Projects
FIRST MILLENNIUM Technology Solutions L.L.C
Total years of experience: 21 years, 2 months
Responsibilities:
• Leading the development and maintenance of policies, procedures, measures, and mechanisms to protect the confidentiality, integrity, and availability of information at SIMAH. The role involves reviewing these policies annually to ensure alignment with SIMAH's requirements and promoting information security awareness. The role also involves designing, implementing, and maintaining the Information Security Management Framework based on SAMA's CSF, NCA's ECC, CSCC, and applicable regulations.
• The role also involves assessing security control effectiveness and efficiency in the System Development Life Cycle (SDLC) and identifying and assessing risks. Compliance assessment is also conducted to ensure proper implementation and measurement of IS governance.
• Developing the Cyber security Policy and Strategy to align with the business strategy, Saudi Payments' vision, mission, and corporate objectives. This includes building a cyber-security strategy, implementing departmental policies, procedures, and controls, and auditing ISO 27001 ISMS.
• Leading the cyber security governance team, achieving KPIs, developing annual plans, and reporting to higher management. The role also involves ensuring compliance with security government and industry regulations, developing governance and strategy documentation, and managing cyber security training and awareness plans.
• Developing and updating information and cyber security policies, interacting with other departments, providing accurate information, preparing timely reports, adhering to safety, quality, and environmental management policies, and performing related duties as directed. This includes ensuring a healthy work environment and adhering to company and departmental requirements.
Highlighted Achievements - Saudi Cash Center
• Steered the West region, overseeing 3 groups comprising 21 branches, with a vast portfolio of cash worth SR 300 million.
• Exceeded targets by 90% to secure the branches through defense in depth by Security Control Projects and mantraps, and made all policies and procedures according to SAMA policy with the Executive Committee.
Responsibilities:
• Align IT needs with the strategic directions of the enterprise.
• Allocate budget and resources accordingly by taking into consideration business impact of the information security risks.
• Analyze various internal and external information security risk reporting sources.
• Contribute to the development of a strategy plan.
• Determine appropriate IT strategies and solutions.
• Develop a budget.
• Develop business cases that support information security program investments.
• Disseminate the organization's IT security goals and objectives to business units and senior management.
• Evaluate IT security goals and objectives against the benchmarks.
• Evaluate existing IT environment against the organization's IT strategic directions.
• Formulate information security goals and objectives.
• Identify and implement business innovation.
• Identify controls and solutions to address/mitigate risks.
• Implement change management process.
• Manage overall information security risk.
• Maximize business value of IT investments.
• Obtain management support for information security program investments highlighted in the endorsed business cases.
Responsibilities: Identified and managed IT system developments. Led a team of 22. Created project plans with analysis of benefit, cost, schedule, and risks. Monitored project progress. Defined project parties' responsibilities. Created IT system review schedules. Identified design alternatives and recommended solutions. Ensured on-time, within scope, and within budget delivery. Established project scopes and objectives. Managed changes in scope, schedule, and costs.
Responsibilities: Demonstrated ability to assess and mitigate IT risk.
Leading operational and strategic planning, fostering innovation, planning projects, and negotiating resource allocation, conducting risk assessments and implementing response strategies. Designing fault-tolerant environments for up to 1000 users. Identifying network vulnerabilities and enhancing security features.
Responding to security threats, resolving technical issues, and allocating resources effectively. Managing complex technical issues in a fast-paced environment.
Maintaining software and hardware related to security and documenting certifications. Identifying technology issues, including security trends, vulnerabilities, and threats.
Using threat intelligence to enhance security measures. Implementing new security solutions.
Researching security weaknesses and providing recommendations. Collaborating with vendors for security solutions.
Responsibilities: Manage IT staff, recruit, train, monitor performance. Oversee IT budget for cost effectiveness. Monitor server hardware, software, and operating systems. Coordinate technology installations, upgrades, and maintenance. Select and purchase hardware and software. Test, troubleshoot, optimize information systems. Generate OS performance reports. Ensure compliance with laws, codes, and regulations. Evaluate technology risks, develop disaster recovery plans. Stay updated with advancements, best practices. Teach employees about new hardware and software. Maintain security measures against attacks. Administer domain controllers. Develop and implement IT policies, procedures according to ISO 27001. Implement and administer Microsoft Navision ERP system. Knowledge of IT security standards/guidelines like NIST, NERC, CPNI, C2M2, SAMA, SACS 021.
Sr. Executive Infrastructure
With a Certified Information Security Manager® (CISM®) certification, you'll learn how to assess risks, implement effective governance and proactively respond to incidents.