Job Description

Affinity

Free placement

Group Vice President - Cyber Audit

Job id: 554571

24 Nov 2024

Job Location

Dubai, United Arab Emirates

Experience

10 to 30 years

Qualification Level

Graduate

Job Function

Accounts / Tax / CS / Audit / Finance
IT - Hardware
IT - Software
Top Management

Skillset

Cyber Security implementation and Audit, hands on IT Security Testing, internal network vulnerability assessments and external penetration tests, Big 4 background

Jobseeker Nationality

Jobseekers from any country

We are seeking to recruit on behalf of our client a GROUP VICE PRESIDENT FOR CYBER AUDIT based in DUBAI ON A LONG -TERM RESIDENTIAL CONTRACT

Purpose:

• As the Group Vice President for Cyber Audit, your primary purpose is to lead and oversee the development, implementation, and continuous improvement of a robust global independent cybersecurity assurance program within our organization.
• Your role is critical in providing independent oversight and assurance to senior management and stakeholders that our cybersecurity measures effectively protect the organization's digital assets and data.
• You will lead complex IT and cybersecurity audits, assessments, penetration tests to evaluate effectiveness of security controls; manage external auditors and consultants as necessary
• Establish and maintain a Cybersecurity Assurance Program that includes overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information. Independently assess compliance with relevant regulatory requirements, industry standards, and cybersecurity frameworks.
• Collaborate with Group Technology teams to align cybersecurity assurance efforts with their cybersecurity operations and technical initiatives. Leverage each team's distinct roles and expertise for a holistic approach to cybersecurity.

Duties:

• Establish and maintain a Cybersecurity Assurance Program that includes overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information.
• To deliver Cyber Assurance Program which includes complete IT Security and Cyber security related audits independently across all Group entities.
• Lead the Cyber Security Audit team to deliver Cyber Security assurance program, to deliver targeted audits addressing the highest risks and areas that matter the most for our business.
• Accountable for end-to-end cyber security audit program – from risk identification, audit planning, scoping, execution reporting and following up on closure of items
• Continuously monitor and assess emerging threats and vulnerabilities and update Cyber Assurance Program accordingly.
• Project manage all Cyber Security Assurance work including directing, coordinating, reviewing, and reporting of the work of Security audit teams and providing expertise in all IT and Cyber Security related matters and audits.
• Conduct Cyber Security Audits using tools and or manual exploitation techniques, document, and present conclusions in a clear concise manner to business unit management and group senior management and agree all IT control and process improvements and recommendations which may include operational enhancements or efficiencies, and the preparation of audit reports as well as documenting controls
• Manage the Development, execution and maintenance of comprehensive IT security audit work programs including common OS, network & database security, portals and application, internal and external penetration tests, configuration audits etc. Classification: Public - HO
• Ensure regular IT Issues Follow up, IT Security Awareness campaign, and other Audit initiatives as required are conducted by the IT Security Audit team in line with GIA procedures manual.
• Promotes and leads identifying and sharing IT security and general IT good practices that can be implemented within the Group and external entities. Advise HO, Regional and terminal IT on IT and IT Security trends and emerging risks.
• Manages non-audit projects (e.g., IT and IT security incident reviews, business process reviews, compliance reviews, fraud investigations, project reviews).
• Keep self and team up to date and educate team members on IT industry trends and advancements by investing in self-learning and being an active member and contributor at organizations such as ISACA, IS forums, IT Audit groups, Seminars – IT Risks and Controls, IT Security – threats and controls, Emerging IT Risks
• Develop and maintain professional relationship with auditees’ IT teams, Senior IT management and Technology executive management at Group technology to create an expert network, leverage the global expert network, promote synergy within various IT departments.
• Provide regular updates to the Audit Committee on IT and Cyber Security related matters. The above outlined responsibilities are not exhaustive, and you may be required to carry out other tasks that are appropriate to your role in addition to these.
• Ability to quickly identify signs of control and procedure weaknesses or failures within disparate business functions.
• Demonstrates know-how of company and business process flows and company’s business and applies this knowledge to identify recommendations.
• Ability to travel internationally on a regular basis (between 50 - 70% travel). Perform all assigned audit duties in manner that reflects the highest professional standards and complies with the guidelines of the Institute of Internal Auditors.
• Always act as an ambassador for Group when working; promoting and demonstrating positive behavior in harmony with Group’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following Code of Conduct and Ethics policies.
• Perform other related duties as assigned. Classification: Public - HO Qualifications,

Experience & Skill Qualifications:

• Computer Science Degree, preferably with specialization related to information security or cybersecurity.
• 2 or more IT security related / audit qualifications in good standing e.g., CISA, CISSP, CISM, CEH, CGEIT, OSCP
• Proven leadership experience in global cybersecurity assurance roles
• Deep knowledge of global cybersecurity principles, practices, and technologies
• 10 to 15 years post qualification Cyber Security implementation and Audit experience – including hands on IT Security Testing experience including internal network vulnerability assessments and external penetration tests
• Big 4 background beneficial
• Developed and implemented a robust security assurance framework, ensuring alignment with industry standards and regulatory requirements
• Led a team of cybersecurity professionals to perform comprehensive security assessments, including vulnerability scanning, penetration testing, and security audits
• Conducting information security audit work which conforms to professional standards such as NIST, NIS, GDPR, CIS, COBIT, ISO 27001, ISR, NESA, GTAG, CIIPA and other standards applicable to Group entities
• Industry experience in IT e.g., OS administration, network administration, firewall configurations and controls, IT security implementation, etc. is beneficial
• Developing and delivering Cyber assurance in a large enterprise environment
• Ability to analyses security risks from business unit level to organization wide level
• A deep understanding of hacking techniques, security assessment tools, security protocols, and programming languages to be able to use these and guide the team on their use
• An expert in use of IT Security and IT Audit testing tools and techniques – vulnerability scanners, exploit tools, manual and automated exploit techniques; research and employ new techniques to identify gaps in IT infrastructure and control environment, ensuring level of tests performed is at par with offerings by external penetration and security test providers.
• Apt at forming, deploying, and leading it security audit teams on multiple audits, working with external co-sourced resources to deliver cutting edge security assurance. Classification: Public – HO
• Strong verbal and listening communication and presentation skills with the ability to persuade and influence management, and communicate complex, sensitive and contentious information with ease
• Excellent report writing skills; Impactful presentation skills, Desire for accuracy and attention to detail
• Ability to be able to work as part of cross functional team and/or independently; self-motivated and proactive
• Superior time management and demonstrable project management skills to meet deadlines with minimal supervision
• Good cultural awareness due to contact with global offices

Disclaimer: GotoGulf is a platform that facilitates recruiters and jobseekers reach out to each other. Applicants are advised to research the bonafides of recruiters independently. We do not endorse requests for money payments and strictly advise against sharing personal or financial information. If you suspect malpractice, please email to us.