Job
Description
Job Purpose To Manage Information Security activities and ITSM processes related to Airport IT Operations. To ensure Security, Quality and Compliance of Systems, Services , Processes . To ensure IT Process Alignment with Business and Stakeholder Requirements To manage Information Security activities and Information Technology Services processes governance relating to IT Operations to ensure confidentiality, integrity and availability of systems, services and associated information are in tune with business and stakeholders needs and adhering to regulatory & statutory requirements ORGANISATION CHART Key Accountabilities Reducing gap between current state and desired state to acceptable risks. Roll out corporate Initiatives as per corporate guidelines Propose, Review and Recommend cost-effective solutions Asset Classification Business Impact Assesments Threat and Vulnerability evalautions Risk Assesment and Risk Management Evaluate information security controls and countermeasures Integrate risk, threat and vulnerability identification and management into information management life cycle Identify and evaluate information security technologies, emerging trends Align information security architectures with changing business needs Develop information security standards, procedures and guidelines implement and communicate information security policies, standards, procedures and guidelines Design controls and review controls effectiveness KEY ACCOUNTABILITIES - Additional Details EXTERNAL INTERACTIONS External - Roles you need to interact with outside the organization to enable success in your day to day work Concessionaires/Regulatory Agencies /Airlines: Information Security Approvals for new service requests. Non-disclosure Agreements MDI Acceptance and awareness on Information Security Policy Regulatory and Legal Compliance Data privacy and Protections Incidents/Breaches Quality assurance Vendors Information Security Policy Compliance Physical and Environmental controls in use of facilities Review of Incidents/ Breaches Regulatory and Legal compliance Contracts and Procurement Info security guidelines Upgrades / Releases/Patches Security Bulletins Awareness and Training Vulnerability and Security Assessment tailored to business needs SLA Reviews Audits Event and log correlation Quality Assurance Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance Implementation Partners: (Dubai Technology Partners, TCL, TTSL, BSNL, Pathfinder, IBM, KRONOS). Review for security policy compliance with Data and Privacy regulations Quality Assurance OEMs (UFIS, RESA, IER, SAFEGATE, BOSE, SIEMENS COMMUNICATION, SITA) : Performance Review SLA review Incidents and Problem review Legal and Regulatory compliance Security Policy compliance Quality Assurance INTERNAL INTERACTIONS Internal - Roles you need to interact with inside the organization to enable success in your day to day work Business units Aligning Business Requirements with security policy Awareness Programs Compliance and Regulatory Requirements Contractual requirements Human Resources Pre entry, entry and exit Physical and Environmental Requirements Business Continuity Tests Access Controls Quality Assurance Joint Venture Partners (HMACPL, HDFRL, NOVOTEL, FUEL FARM) : Security policy alignment with business requirements Security Awareness Regulatory and Legal compliance SLA Reviews Quality Assurance GHIAL employees Policy awareness Policies compliance Trainings Incident Reporting and Management Quality Assurance DIAL IT & Corporate IT: Share best practices CISO: Ensure corporate requirements are rolled out to business unit-GHIAL Review technological and business unit security requirements Quality Assurance FINANCIAL DIMENSIONS OPEX AOP SIEM Log monitoring and Compliance Cost optimization and Revenue maximizations assurance activities Other Dimensions Team size: 1 Customers : 130 End users : 1000+ (staff across HIAL, GADL & Other companies inside the campus using IT services) Education Qualifications Required B.E (Computers / Electronics /IT) Required Postgraduate in computer/ IT Required CRISC (Certified in Risk and Information Systems Control) / or CISA/ or CISM Desirable MBA Relevant Experience Minimum 9-11 Years in IT with at least 8 Years in Information security, quality and assurance functions COMPETENCIES Personal Effectiveness Social Awareness Entrepreneurship Problem Solving & Analytical Thinking Planning & Decision Making Capability Building Strategic Orientation Stakeholder Focus Networking Execution & Results Teamwork & Interpersonal influence Show more Show less
