Information Security Manager
- Papel
- Dubai - United Arab Emirates
- Full-time
وصف الوظيفة
The Information Security Officer (ISO) at Papel is a critical role responsible for overseeing and managing the organization's information security program, ensuring the confidentiality, integrity, and availability of our digital assets. This role encompasses the implementation and management of Payment Card Industry Data Security Standard (PCI DSS) compliance, penetration testing, and other relevant security measures/controls. The ISO will work closely with various departments and stakeholders to develop and maintain a robust cybersecurity posture that aligns with Papel's business objectives and risk appetite.
إمتيازات الوظيفة
- Private Health Insurance
- Paid Time Off
- Performance Bonus
متطلبات الوظيفة
- Develop, implement, and maintain a comprehensive information security program, including policies, procedures, and controls, to protect Papel's digital assets and ensure compliance with regulatory requirements and industry best practices.
- Manage the implementation and maintenance of PCI DSS compliance, ensuring the company meets all relevant requirements and undergoes regular audits.
- Oversee and coordinate penetration testing activities, including vulnerability assessments, penetration testing, and security incident response, to identify and remediate potential security risks.
- Collaborate with various departments and stakeholders to assess and address information security risks, ensuring that risk mitigation measures are in line with business objectives and risk appetite.
- Monitor and analyse emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures to protect Papel's digital assets.
- Develop and deliver cybersecurity awareness and training programs to educate employees on the importance of information security and their role in maintaining a secure environment.
- Manage relationships with external vendors and partners, ensuring that information security requirements are effectively communicated and integrated into third-party contracts and agreements.
- Work with other stakeholders such as technical architects, product managers, developers to implement, configure or maintain security measures/controls.
- Work closely with the CTO to continuously improve cyber security policies, processes, tools and controls.
