We are seeking to recruit on behalf of our client a GROUP VICE PRESIDENT FOR CYBER AUDIT based in DUBA ON A LONG TERM RESIDENTIAL CONTRACT.
Purpose
As the Group Vice President for Cyber Audit, your primary purpose is to lead and oversee the development, implementation, and continuous improvement of a robust global independent cybersecurity assurance program within our organization. Your role is critical in providing independent oversight and assurance to senior management and stakeholders that our cybersecurity measures effectively protect the organization's digital assets and data.
You will lead complex IT and cybersecurity audits, assessments, penetration tests to evaluate the effectiveness of security controls; manage external auditors and consultants as necessary; establish and maintain a Cybersecurity Assurance Programme that includes an overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information. You will independently assess compliance with relevant regulatory requirements, industry standards, and cybersecurity frameworks. Collaborate with Group Technology teams to align cybersecurity assurance efforts with their cybersecurity operations and technical initiatives.
Duties
1. Establish and maintain a Cybersecurity Assurance Programme that includes an overall framework, Cyber Assurance strategy, annual assurance plan, procedures, standards, and controls to safeguard our digital infrastructure and sensitive information.
2. Deliver Cyber Assurance Program which includes complete IT Security and Cybersecurity related audits independently across all Group entities.
3. Lead the Cyber Security Audit team to deliver the Cyber Security assurance program, addressing the highest risks and areas that matter the most for our business.
4. Accountable for end-to-end cyber security audit program – from risk identification, audit planning, scoping, execution, reporting and following up on closure of items.
5. Continuously monitor and assess emerging threats and vulnerabilities, and update Cyber Assurance Program accordingly.
6. Project manage all Cyber Security Assurance work including directing, coordinating, reviewing, and reporting of the work of Security audit teams.
7. Conduct Cyber Security Audits using tools and/or manual exploitation techniques, document and present conclusions in a clear concise manner to business unit management and group senior management.
8. Manage the development, execution and maintenance of comprehensive IT security audit work programs including common OS, network & database security, portals and application, internal and external penetration tests, configuration audits etc.
9. Ensure regular IT Issues Follow up, IT Security Awareness campaign, and other Audit initiatives are conducted by the IT Security Audit team in line with GIA procedures manual.
10. Promote and lead identifying and sharing IT security and general IT good practices that can be implemented within the Group and external entities.
11. Manage non-audit projects (e.g., IT and IT security incident reviews, business process reviews, compliance reviews, fraud investigations, project reviews).
12. Keep self and team up to date and educate team members on IT industry trends and advancements.
13. Develop and maintain professional relationships with auditees’ IT teams, Senior IT management and Technology executive management.
14. Provide regular updates to the Audit Committee on IT and Cyber Security related matters.
15. Perform other related duties as assigned.
Qualifications
1. Computer Science Degree, preferably with specialization related to information security or cybersecurity.
2. 2 or more IT security related/audit qualifications in good standing (e.g., CISA, CISSP, CISM, CEH, CGEIT, OSCP).
3. Proven leadership experience in global cybersecurity assurance roles.
4. Deep knowledge of global cybersecurity principles, practices, and technologies.
5. 10 to 15 years post qualification Cyber Security implementation and Audit experience.
6. Big 4 background beneficial.
7. Developed and implemented a robust security assurance framework.
8. Led a team of cybersecurity professionals to perform comprehensive security assessments.
9. Conducting information security audit work which conforms to professional standards.
10. Industry experience in IT (e.g., OS administration, network administration, firewall configurations).
11. Ability to analyse security risks from business unit level to organization wide level.
12. A deep understanding of hacking techniques, security assessment tools, security protocols, and programming languages.
13. Strong verbal and listening communication and presentation skills.
14. Excellent report writing skills; impactful presentation skills.
15. Ability to work as part of a cross-functional team and/or independently; self-motivated and proactive.
16. Superior time management and demonstrable project management skills.
17. Good cultural awareness due to contact with global offices.
#J-18808-Ljbffr