Information Security Governance Unit Head
Confidential
Total years of experience: 21 years, 5 months
Supporting the Chief Information Security Officer in establishing the information security function, defining the security organization structure including team structure, roles and responsibilities, and scope of responsibilities, formulating relevant information security committees, and facilitating the strategic decision-making process using systematic risk assessment and management methodologies.
Establishing and maintaining the IT Group Information Security Management System (ISMS) as per compliance requirements of the ISO 27001:2013 and other leading international standards and practices including ISO 22301, ISO3100, SCADA Security GP, and NERC CIP (Critical Infrastructure Protection) in addition to the applicable national statutory and regulatory compliance requirements
Establish, maintain and improve the organization's Information Security Management System (ISMS) in order to protect the confidentiality, integrity and availability of information, and give direction on the advancing technologies, tools, standards, and strategies that ensure Information Security Governance is continuously improved and is aligned with business objectives and applicable laws and regulations.
Key Work:
1. Monitoring the information security related activities of departments / suppliers responsible for safeguarding the company's information assets to ensure compliance with company policies and procedures.
2. Defining an approach for organization-wide risk assessment of assets and risk management
3. Approving methodologies and processes for information security e.g. risk assessment, asset classification
4. Identify protection goals, objectives and metrics consistent with corporate strategic plan.
5. Manage the development and implementation of global security policy, standards, guidelines and procedures to ensure ongoing maintenance of security.
6. Assessing the adequacy of information security controls and coordinating their implementation
7. Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
8. Maintain relationships with local law enforcement and other related government agencies.
9. Review the business continuity plan periodically
10. Monitor the business continuity and disaster recovery procedures in case of any disaster
11. Institutionalize information archiving through primary, secondary & tertiary information backup and recovery processes
12. Plan for additional investment in security after consultation with other members of the Security committee
13. Ensure that appropriate awareness and training sessions are conducted for the concerned to understand the Organization’s security policies....
To establish and maintain the organization's Information Security Management System (ISMS) in order to protect the confidentiality, integrity and availability of information according to ISO27001 compliance requirements.
Key Work:
1. Identify and manage information security risks associated with the business objectives.
2. Documenting the information security policies and procedures instituted by the organization's Information Security Committee.
3. Coordinating the activities of the Information Security Committee
4. Facilitate the development, testing and implementation of organization security plans, products and control techniques
5. Facilitate the preparation of the organization's disaster recovery and business continuity plans for information systems.
6. Providing direct information security training to all employees, contractors, alliances, and other third parties.
7. Monitoring compliance with the organization's information security policies and procedures and referring problems to appropriate department managers or administrators
8. Reviewing information system related information security plans throughout the organization's network, and acting as liaison to the Information Systems users
Managing the full operations of a company specialized in Physical Security Systems, Time Management Solutions, Banking specialized systems and other related products.
Consulting and Education using Role-based Training and Modular Enterprises "CERTME™."
E-Learning, Information Assurance and Security Consulting.
http://www.ics-emea.com/
Between KSA & Egypt.
Managing the Support and Implementation team for Physical Security Systems, Time Management Solutions, Banking specialized systems and other related solutions
Support Physical Security Systems, Time Management Solutions, Banking specialized systems and other related solutions
Overall Grade: Good. Graduation project: Autonomous Handling Robotic Vision System, Project Grade: Excellent.