Assistant Director Corporate Information Security
Ooredoo Qatar
قطر
منذ 5 يوم
source : tanqeeb

Purpose :

This role is responsible for to ensure information assets are adequately protected through directing staff in identifying, developing, implementing and maintaining processes across the organization to reduce information and technology risks, respond to incidents, establish appropriate standards and controls.

Context / Background :

Corporate Information Security department is responsible for securing information, technology and service availability through effective planning and management.

The section ensures strategic areas securing information, technology and service availability through effective planning and management for OQ.

ROLE ACCOUNTABILITIES

  • Defines the security strategy, roadmap and acts as the primary interface to the business.
  • Manage the development of Information Security Architecture blueprints for Ooredoo Qatar.
  • Build & maintain the Information Security program based on risks.
  • Defines Security governance framework.
  • Identifying and delivering security remediation activities and improvement programme.
  • Establishes frameworks to develop and maintain appropriate information security expertise within an organization.
  • Manage formulation of policies and procedures to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction, ensuring that the organisation maintains security best practices to comply with standards such as BS7799, ISO 17799 and ISO 27001.
  • Work with Enterprise risk team for evaluating and managing corporate risk and incorporating it as part of the overall Security and Business Continuity / Disaster Recovery plans and strategy.
  • Managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes.
  • Application of the concepts of information management and corporate risk to the practices and technologies of physical security in order to have a complete security framework.
  • Managing convergence of technical and physical security controls and solutions.
  • Manage department budget and expenses in line with corporate spending
  • Corporate regulatory compliance, ensuring the personnel within the corporate are aware of and take steps to comply with relevant laws and regulations, as well as the policies and procedures ensuring the corporate is aligned to appropriate ICT / MOI regulatory laws.
  • Managing governance and enforcement of Information technology controls related to the confidentiality, integrity, and availability of data.
  • Work with teams to ensure appropriate security architecture and solutions are deployed covering network, physical, application or system security.
  • Working with other BU’s to bring the necessary tools and solutions in place to help with compliance and effective security monitoring.

  • Develop and conduct user awareness to internal users and subscribers.
  • Establishing corporate resilience policies and guidelines including excess capacity, redundancies, and failovers.
  • Establishment of a Security Operations Center a place where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed and defended.
  • Develop approaches to generate revenue through security with business solutions and customer BU’s.
  • Work with other BU’s in providing security technologies / services to subscribers and external customers in order to generate a new revenue stream for Ooredoo.
  • Work with internal audit teams and external consultants as appropriate for audits related to security.
  • Communicate periodic status reports to higher management and escalate potential issues as appropriate.
  • Managing policies and governance of physical security asset protection; personnel security; systems and products.
  • EXPERIENCE, QUALIFICATIONS & SKILLS

  • 12 years’ experience
  • 10 years with a telecom operator in similar capacity
  • Thorough understanding of network and IT security and Business Continuity / Disaster Recovery standards and procedures in telecom
  • Bachelor’s Degree
  • 12 years in telecom networks and Information security or Business Continuity / Disaster Recovery management
  • 6 years management experience
  • قدِّم طلب ترشيحك
    أضف الى المفضلات
    إزالة من الإشارات المرجعية
    قدِّم طلب ترشيحك
    بريدي الالكتروني
    بالضغط على "واصل" ، أعطي موافقة نيوفو على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـ نيوفو . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    واصل
    استمارة الطلب