Information Governance Officer

GlobeMed Group, the largest Healthcare Benefits Management company in the MENA region is looking for an Information Governance Manager who will be responsible for the implementation, and oversight of strategies and programs designed to reduce and mitigate information security risk across GlobeMed to a level tolerable to the organization. The role will help establishing an enterprise-wide information security and assurance function, ensuring that confidentiality, integrity, and availability requirements of information systems and assets are identified appropriately.

Main Duties:

1. Implement programs and processes that monitor the emergence of new threats and vulnerabilities, assessing impacts and suggesting responses as appropriate.
2. Assist in establishing an information security and risk management functional capability and framework across the organization.
3. Ensure that information security and risk is adequately represented on relevant business and governance forums and is known, well-integrated, and addressed across the enterprise.
4. Coordinate all aspects of alignment of Information Security Management System (ISMS) with ISO 27001.
5. Deliver to staff effective information security awareness training.
6. Ensure that all IT and information security programs are in compliance with applicable laws, regulations, and policies.
7. Collaborate with application owners to understand and address (as appropriate) the risk position around key business applications and processes, to build the Business continuity Plan and Disaster Recovery Plan
8. Assist in information security risk assessments across the enterprise at suitable intervals. Ensure that key risk issues are understood, communicated, and tracked on the risk register.
9. Regularly verify that required information security and risk controls are in place, raising findings as noncompliance is found and driving improvement.
10. Ensure that internal and external audits are supported in development of an annual strategic audit plan

• Bachelor Degree in communication engineering, computer science or Information systems
• 3+ years of experience in security related field.
• CISSP/CISM security certification
• Ability to handle security incidents
• Knowledge and expertise of security standards, concepts, principles and processes
• Hands on experience of Security Vulnerability Tools