Job Purpose
The Emirates Group is looking to provide IT professionals’ opportunities to join the world of aviation and travel. Technology is evolving and applications are widely used across all the Emirates Group, which includes the world’s largest international airline Emirates, and one of the worlds largest combined air services providers, dnata. The Group is experiencing a strong recovery and demand across its businesses and is offering a range of career opportunities for skilled IT professionals to work with technologies at world-leading innovative partners in a dynamic and evolving environment.
Offering a dynamic and varied technology environment, the Group offers exciting career growth opportunities with requirements across B2C, B2B, corporate support functions, fulfilment and operations, to support its 40+ different businesses and brands in Dubai and globally. Aside from its own internal programmes, Emirates has also invested into a number of innovation programmes such as the Aviation X-Lab in partnership with GE, Airbus, Thales, and Collins Aerospace; and Intelak in partnership with Accenture, Microsoft and Dubai Tourism.
In this reole you will maintain the IT Risk Management framework, and perform risk assessments on CyberSecurity, third party, IT operations and project & programme risks. Maintain the CyberSecurity governance framework, review policies and standards, and conduct CyberSecurity awareness campaigns.
Job Outline:
- Ensure a comprehensive IT Risk Management framework is established to identify, analyse, mitigate, monitor and communicate IT risks across Emirates IT.
- Collect IT risks identified through various channels (e.g. risk assessments, incidents), log them in the IT Risk Register and perform continuous mornitoring activities.
- Perform regular risk assessments on Third Party, CyberSecurity, Project & Programme and IT operations risks. Perform risk assessment reports and present the results to Management.
- Produce regular risk reports for all IT departments, and Top risks report for Senior Management.
- Develop Key Risk Indicators (KRIs) for IT and create dashboards for continuous monitoring of the risks.
- Conduct regular IT and CyberSecurity maturity assessments, bench-marking assignments and gap assessments against industry best practices to identify areas of improvement.
- Periodically assess, improve and develop CyberSecurity controls, policies, processes and standards.
- Design, develop and maintain a CyberSecurity scorecard by business area, to assess the CyberSecurity posture: Identify key metrics covering all CyberSecurit aeras, automate the data collection and scorecard production for all business areas, present the scorecard to the business.
- Monitor and track IT regulatory requirements. Keep abreast of emerging risks and industry standards, and assess the potential impact on the organisation. Produce regular reporting to Senior Management.
- Support / contribute to the IT security awareness campaign by organising roadshows, publishing articles, or conducting on-site CyberSecurity training. Conduct awareness training and workshops on IT Risk Management.Manage daily security exceptions requests: Assess, review and action requests for exceptions to policies and standards from all levels of the organization, both corporate and IT users. Maintain an up-to-date repository of all the exceptions granted and communicate the exceptions to relevant business/ technical units.
Qualifications & Experience
Information Technology.Other : 5+ Years
Degree or Honours (12+3 or equivalent) :
Degree in a subject related to IT Experience experience in IT Risk management, CyberSecurity and Governance. Knowledge/skills: - Information Security - Risk Management - CyberSecurity Awareness - Holistic IT Knowledge of Heterogeneous Technology Environments Leadership Role : NO Safety Sensitive Role: No
.jpeg)
No comments:
Post a Comment