Work under the supervision of information / Cyber security leadership within the MMBL. Assess & gather information for Information / Cyber Security process (e.g. Risk & Compliance, Information Protection, Access Control, Incident Management, Application, Systems and Network Security, etc.) and share them with stake holders.
Assess and design end to end information / Cyber security programs including the development of strategy, architecture, processes, governance, solutions, budget and roadmap based on leading practices such as NIST, CIS, ISO27 and others. if needed; ensure their correct enforcement at local level.
Ensure relevant local Information / Cyber Security statutory or regulatory requirements are considered and define the approach to meet these requirements in accordance with the MMBL department’s approach. Ensure that information is classified, protected and owners are appointed.
Design and develop target technical security architecture for MMBL with deep understanding and analysis of emerging information / Cyber security solutions including, but not limited to, threat intelligence, anti-advanced persistent threats, identity and access management, DLP, GRC, SIEM, next generation firewalls, analytics, enterprise incident response and others.
Design, implement and manage security operations center with the required facility, processes, technologies and people.
Communicate effectively (both verbal and writing) with IT personnel, executives and users.
Coordinate, facilitate and make presentations to relevant stake holders in order to deliver the assigned tasks.
Conduct research on emerging information / Cyber security technologies and disseminate knowledge to MMBL management and users where required. Coordinate Information / Cyber Security awareness and training initiatives at local level and define communication contents to spread Information / Cyber Security best practices.
Conduct security risk assessments across the enterprise at regular intervals with different tools and activities. Perform reviews and reporting on the performance of Information / Cyber Security
Work with auditors to keep audit focus in scope and provide advocacy
Performs other duties in line with scope of work and as instructed by the direct manager.