Job description

The Manager Data Security & Privacy (UAE National) is accountable for reviewing demands to secure du solutions/platforms originating from Managed Services, IT, and Network, and for building appropriate data security controls. The role manages the overall planning, design, and implementation of data Security Services programs and projects; identifies technical requirements resulting from contracted products and services and coordinates with Product Design & Specification on data security services technology solutions; executes internal TSRM security projects in line with business objectives and requirements; serves as the subject-matter expert across Data Security & Privacy initiatives including DLP, Database Activity Monitoring (DAM), IRM, data classification, encryption, tokenization, MDM, IAM, dashboards, and PAM; develops Security Designs based on assessments for services delivered over Telecom/IT infrastructure and Managed Services; plans and manages assessments of cloud security solutions to ensure requirements are designed and implemented per agreed quality and timelines; provides guidelines and ensures security compliance to du security requirements covering Vulnerability & Patch management, Terminal Security, Operating System Hardening, High Availability of services, and Infrastructure Administration Security; and leads the Acceptance Testing Plan (ATP) for security projects to evaluate and validate scope. Qualifications include a relevant engineering bachelor’s degree and certifications (Firewall Associate, ITIL, Systems Engineer). Experience requires 8–10 years in a similar role in the telecommunication industry, security certifications such as CISSP/CISM (or course completion with specified experience), strong knowledge of security planning for state-of-the-art technologies (data security & privacy, Identity Manager, Secure Web Gateway, Firewall, SSL VPN, https inspection, Directory Services, OSS technologies), ISO27001 Lead Auditor or CISM, and in-depth experience across large data centers, enterprise IT, telecom core networks, application and data/information security. Skills include comprehensive understanding of telecom and enterprise IT systems (Active Directory, Exchange, DHCP, DNS, Citrix, ERP; OSS/BSS systems such as CRM, BSCS, ACS, AAA, NTP, U2000, M2000), common security issues and controls (HIDS/HIPS, Secure Email Gateway, Network IPS, forward/reverse proxy, WAFs, ACL management, remote access, VPN), enterprise remote access with Citrix technologies, and telecom networks/change management, firewall changes, network routing, and transport security, along with extensive expertise in content and infrastructure security, multi-factor authentication, SSO, OTP, endpoint security, security events monitoring, and DLP.