
ADGM
Manager – Information Security
- Permanent
- Abu Dhabi, United Arab Emirates
- Experience 10 - 15 yrs
Job expiry date: 08/12/2025
Job overview
Date posted: 24/10/2025
Location: Abu Dhabi, United Arab Emirates
Salary: AED 30,000 - 40,000 per month
Compensation: Comprehensive package + relocation
Experience: 10 - 15 yrs
Seniority: Manager
Qualification: Bachelor's degree
Expiration date: 08/12/2025
Job description
The Manager – Information Security is a senior subject matter expert responsible for overseeing all enterprise-wide information security operations across the organisation, including threat detection, event monitoring, incident handling, cyber hunting, forensic and malware analysis. The role ensures alignment with the enterprise vision, strategy and risk-management framework and covers security strategy, policies, processes, standards and associated activities. The incumbent conducts periodic compromise assessments, ensures effective implementation of confidentiality, integrity and availability controls, leads governance of information security, monitors external threat intelligence, and fosters security best practices. The role also governs cloud strategy, digital transformation security, incident documentation, security KPIs/KRIs, identity & access management, and business continuity across the organisation's digital and cloud infrastructure.
Required skills
Key responsibilities
- Align security risk management activities to support digital empowerment and agility in a secure manner
- Assure management on predictive cyber and information security risks and support decision-making for resilient investments
- Conduct and manage periodic compromise assessments across selected networks and propose recommendations
- Ensure implementation of information privacy, intellectual property rights, confidentiality, integrity and availability controls
- Oversee the achievement of GRC objectives across the organisation
- Ensure information governance and management policies and practices are implemented across digital services
- Document and escalate security incidents with clear history, status and potential impact
- Monitor external data sources such as threat intelligence providers, CERTs and vendor advisories to maintain threat awareness
- Foster security best practices and internal controls to minimise digital and cyber risk exposure
- Ensure regulatory compliance is achieved and managed effectively
- Govern and assure cybersecurity operations in collaboration with IT Security and Operations departments
- Assure business resiliency and readiness through continuity and disaster-recovery planning
- Define strategy and roadmap for digital transformation security and cloud infrastructure protections
- Provide advice and input into disaster recovery, contingency and continuity of operational plans
- Establish integrated business-centric strategy and program plan for security, risk and resiliency management
- Perform threat management, threat modelling, identification of threat vectors and development of use cases for monitoring
- Review and endorse development and implementation of information security management policies and controls
- Ensure proactive risk identification across strategic, operational, security and tactical levels
- Establish and monitor KPIs, KCIs, and KRIs, and prepare dashboards and reports for senior leadership
- Manage identity and access management practices and ensure compliance with regulatory requirements
- Ensure internal controls are implemented and audits are supported across security, risk and resilience domains
- Lead and manage a team and create an environment of continuous performance improvement, talent mentoring and accountability
Experience & skills
- 10+ years of experience in enterprise-wide information security and risk management
- 3+ years of relevant business management experience
- Bachelor's degree in Information Technology, Computer Science or related field
- Experience and knowledge of standards and frameworks such as ISO 27001, ISO 20000, ISO 22301, ISO 31000, ISO 27032, ISO 27017 and PCI DSS
- Demonstrated experience in articulating enterprise-wide governance, risk and compliance strategies from an information-security perspective
- Proven ability to convert complex strategy and policy into internal and technical controls applicable across the organisation
- Experience establishing and optimising IT and Information Security Governance frameworks
- Sound knowledge of enterprise risk management methodologies, including identification, remediation and monitoring of IT, strategic and cyber risks
- Capability to translate organisational goals and objectives into compliance requirements