Information Security Compliance Officer
NMC
Total years of experience :14 years, 2 Months
Oversee the implementation of information security and business continuity strategies, policies, procedures, standards and guidelines.
•Conducted periodic compliance assessments to ensure adherence to applicable regulations and industry standard and developed, implemented, and maintained policies, procedures, and controls to mitigate compliance risks.
•Effectively explain, interpret and work closely in the implementation of government administered cyber security controls of Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS) and monitor regulatory compliance & achieved the AAMEN Certification.
•Record and track IT security incidents, including compromised accounts, e-mail threats, and abuse reports from various sources.
•Perform security assessment for company initiatives to analyze new technologies for conformance.
•Conduct routine security risk analysis, evaluate business needs against vulnerabilities.
•Manage Cyber security incident response program and carry out periodically test response across the entity.
•Facilitate data governance, data classification, and data protection initiatives implementation and periodic monitoring.
•Develop and manage Information security awareness & Data privacy training.
•Provide oversight and guidance during security incidents and investigations, ensure root cause analysis is undertaken and input suggested approaches to deal with lessons identified.
•Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
•Develop and enhance the Information security management framework based on industry best practices such as ISO 270001, ISO 20000, ITIL & NIST Standards.
•Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
•Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the security program to the top management.
•Oversee security audits performed by organization or third-party personnel.
•Manage security team members and the security exposure of the Organization.
•Evaluate department budget and costs associated with information security.
•Identifying information security risks and exposures, determine and implement security governance processes and controls and communicate with the organization management.
•Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
•Implement and oversee technological upgrades, improvements and major changes to the information security environment.
•Communicate information security goals and new programs effectively with other business units within the organization.
•Liaising with legal team for evaluating contractual obligations.
Render L3 support for servers, VMware and storage including L3 remote support to 14 branches of NMC Healthcare and Acquired entities across UAE.
•Proactively monitoring the use of physical and virtual environments, including fully redundant and clustered services.
•Managing Active Directory, GPOs in a Windows Server 2012 R2 platform.
•Creating, Managing and Monitoring backup policies using Veritas NetBackup as per the business requirements.
•Support the full system engineering life-cycle, including requirements, analysis, design, development, integration, implementation and replication of VMware & Hyper-V.
•Ensure that the VMware system is optimized for the utilization of SAN storage and resource allocation.
•Managing Service desk and network monitoring tool (Manage Engine Service Desk Plus and Op-Manager).
•Complete Data center infrastructure setup including UPS bypass, Server Racking & Structured Cabling and cable dressing.
Installs /Repair application related issues on machines remotely
•Oversee the daily performance of computer systems and servers
•Creation and Maintenance of Virtual machines through VMware sphere and Citrix XenDesktop
•Troubleshooting skills on Hosted/published applications, printer related issues in a Citrix environment
•Maintain system efficiency, network and system security
•Assignment of static IP addressing for individual machines
•Perform daily Health checks on HP storage systems and zoning on cisco switches and Brocade switches
•Troubleshooting on SAN and VMware related issues
•Update the necessary patches for Operating systems and applications
•Develop training materials and procedures, and update resource material for technical engineers using SharePoint
•Prepare evaluations of software or hardware, and recommend improvements or upgrades
•Responsible for adhering to SLA and ownership on Incidents throughout the life cycle
URL removed due to policy violation. Please contact support for further information.