Role: Information Security Officer
Language Requirement: Arabic Speaking (Mandatory)
Experience: 8+ Years (5+ Years in a Similar Role)
Job Summary
The Information Security Officer is responsible for ensuring compliance with information security policies and standards during mega sports events and non-event periods. This role oversees information security governance, risk management, incident management, and compliance activities to maintain a secure information environment across people, processes, and technology.
Key Responsibilities
Information Security Governance
- Plan, coordinate, and organize all Information Security activities across the organization.
- Enforce, monitor, and ensure compliance with IT Information Security Policies.
- Develop, implement, and maintain Information Security policies, procedures, and standards.
- Ensure risk assessments are conducted for people, processes, technologies, and information processing facilities.
- Ensure implementation of security controls defined in Risk Treatment Plans.
- Assess operational capabilities and measure the effectiveness of security controls and policies.
- Supervise and coordinate related assurance and compliance functions as required.
- Lead ISMS committee meetings and information security governance forums.
- Conduct information security communications and outreach programs.
Security Incident Management
- Establish and maintain formal incident reporting, tracking, and escalation procedures.
- Oversee investigation and resolution of information security incidents and policy violations.
- Ensure timely incident notification and reporting in accordance with policy.
- Develop corrective and preventive action plans to mitigate recurrence.
- Track incidents through closure and ensure proper documentation.
Problem Management
- Analyze security incidents to identify underlying systemic problems.
- Categorize and prioritize problems based on frequency, severity, and business impact.
- Perform root cause analysis and document known error records.
- Define, test, and apply temporary workarounds and permanent fixes.
Risk Management
- Establish and manage an enterprise Information Security Risk Management Program.
- Conduct periodic vulnerability and risk assessments.
- Identify, assess, and prioritize security risks and their business impact.
- Define and monitor risk mitigation strategies and treatment plans.
- Track risk status and report to management and governance committees.
Business Continuity & Disaster Recovery
- Develop, implement, and maintain Disaster Recovery (DR) procedures and supporting infrastructure.
- Ensure alignment with Business Continuity Plans (BCP) and IT Service Contingency Plans.
- Coordinate DR testing and exercises and track remediation actions.
Awareness & Training
- Design and deliver Information Security awareness and training programs.
- Conduct onboarding and periodic security orientation sessions for employees, contractors, and third parties.
- Promote a strong security-first culture across the organization.
Required Qualifications & Experience
- 8+ years of overall IT experience.
- 5+ years in an Information Security or similar governance role.
- Bilingual Arabic speaking is mandatory.
- Proven experience in security governance, risk management, and compliance programs.
Interested One share your resume to [Confidential Information]
