Posted By

Job Views:  
1618
Applications:  51
Recruiter Actions:  4

Posted in

IT & Systems

Job Code

548993

Information Architect - Information Security - Healthcare Domain

10 - 12 Years.Qatar
Posted 6 years ago
Posted 6 years ago

Job Responsibilities & Skills

- Provide regular reporting on the current status of the information security program management as part of a strategic enterprise risk management program

- Create and manage a targeted information security awareness training program for all employees and contractors and establish metrics to measure the effectiveness of this security training program

- Provide clear risk mitigating directives for projects with components in IT, including mandatory application controls

- Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas

- Develop, implement, and monitor a strategic, comprehensive information security program to ensure appropriate levels of confidentiality, integrity, availability, safety, privacy, and recovery of information assets owned, controlled and/or processed by the organization

- Develop and enhance an up-to-date information security management framework

- Develop and maintain a document framework of continuously up-to-date information security policies, standards, and guidelines

- Create a framework of roles and responsibilities with regard to information ownership, classification, accountability, and protection of information assets

- Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase maturity of the information security, and review it with stakeholders at the executive level

- Coordinate with the enterprise architecture team to build alignment between the security and enterprise architectures to ensure those information security requirements are implicit in IT architectures and security is built in by design

- Work with the compliance staff to ensure that all information owned, collected, or controlled by or on behalf of the company is processed and stored in accordance with applicable laws and other global regulatory requirements, such as financial, lending, and data privacy

- Ensure that security is embedded in the project delivery process by providing appropriate information security policies, practices, and guidelines

- Oversee technology dependencies outside of direct organizational control that includes renewing of contracts and the creation of alternatives for managing risk

- Manage and contain information security incidents and events that protect corporate IT assets, intellectual property, regulated data, and the company's reputation

- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action

- Develop and oversee effective disaster recovery policies and standards to align with the enterprise business continuity management (BCM) program goals

- Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provide direction, support, and in-house consulting in these areas

TECHNICAL SKILLS

- A Bachelor degree in IT or equivalent.

- 9+ years of experience working in IT

- 6+ years of experience as an Information Security Specialist

- Professional security management certification such as CISSP, CCISO, CISM, and/or CISA required

- Strong knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies

- Strong knowledge of information security best practices, standards, and frameworks, such as ISO/IEC 27000, NIST 800-53, and PCI DSS

- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment

- Knowledge of business IT ecosystems, SaaS, IaaS, PaaS, cloud computing, SOA, APIs, open data, open systems, microservices, event-driven IT and predictive analytics

- Exceptional soft and interpersonal skills, including teamwork, facilitation, and negotiation

- Strong leadership skills

- Excellent written, verbal, communication, and presentation skills

- Excellent planning and organizational skills

Salary : Max 180,000 QR

Didn’t find the job appropriate? Report this Job

Posted By

Job Views:  
1618
Applications:  51
Recruiter Actions:  4

Posted in

IT & Systems

Job Code

548993

UPSKILL YOURSELF

My Learning Centre

Explore CoursesArrow