Job Purpose :

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics.

If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development.

Key Activities :

• Developing and implementing IT security policies, procedures, and standards
• Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them
• Conducting regular security assessments to identify weaknesses in our systems and processes
• Developing and implementing security incident response plans
• Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software
• Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them
• Investigating security incidents and breaches and taking appropriate action to prevent them from happening again
• Staying up to date with the latest security technologies and trends

Formal Education :

Degree in computer science or a technology-related field.

Specialist Knowledge :

Minimum 3 years of experience as an ISO or in a similar information security role.

Detailed Requirements for each career level (each Functional Level separately)

• Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin) like MAS, l frameworks and standards such as NIST, GDPR, PDPA, ISO 27001
• Solid knowledge of data protection standards (e.g. NIST, GDPR)
• Excellent problem-solving and analytical skills.
• Ability to educate a non-technical audience about various security measures.
• Effective verbal and written communication skills
• Good presentation skills
• Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred.