Business Information Security Specialist Jobs in Dubai at Emirates NBD
Title: Business Information Security Specialist
Company: Emirates NBD
*Role is based in Dubai UAE (Not a remote role)
The role of Business Information Security Specialist constitutes the following:
Ensures proactive reach out to the business and regulators to identify opportunities and guidance from a security viewpoint. The role would lead the team to reach out and act as first contact towards the business to ensure security is perceived as an enabler.
Manage the various regional regulatory frameworks and data privacy standards, which the Group must adhere to.
She/he will also lead the team to align with business stakeholders on possible ways to meet security challenges and promote security awareness & risk culture across the organization. Creating the culture of business security champions to develop awareness across the organization. She/he ensures early involvement of security in business projects to avoid unnecessary rework or delays
Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions
Facilitate both internal and external audits and track them for closure with corrective actions in place – acting as an single point of contact for the audits in IT.
Facilitate with regulatory bodies to collect requirements and meet compliance to their various standards related to IT.
Performing acquisition due diligence for Information Security risks and control deployment
Be a part of the business unit team and act in a consultative way to help business improve its security posture and adhere to security policies and expected controls
Skills, certifications and experience:-
1. ISMS lead implementer/Lead Auditor
3. CISA, ITIL,OSCP,PCI DSS
4. CISSP, CISM, CRISC
5. NESA knowledge (preferably implementation)
Methodologies and practices:Deep experience in alignment of business and IT requirements including translation of business requirements into security requirements (vice versa).
Deep experience in communication and alignment with security teams and implementation teams. Deep expertise on current regulatory agenda and corresponding assessment methodologies
Business acumen:Deep general banking and business area knowledge is necessary in order to identify the right solutions for business and to steer the implementation teams into the right direction as well as making sure that a proper relationship to the business side is established
1. 3+ years’ experience in the Information Security domain of which at least 1 years in the financial industry
2. Business acumen: Experience of 3 years understanding the financial industry, market, and specific operations that relate to banking & finance
· Technical background covering heterogeneous technologies and multiple security domains (Technical)
· Competence in the use/customization of GRC tools preferably Archer
· Deep knowledge of regulatory frameworks and how to embed them into business requirements (Technical)
· Knowledge required of security controls, typical pitfalls and required measures for security compliance. Deep experience of the current technology backbone and available technologies within the security space (Technical)
· Deep knowledge of the interface to the implementation including development methodology knowledge including latest market trends and their possible application to the bank
· Deep knowledge of current business priorities and projects and corresponding business goals
· At least some experience with Cloud Security