Cyber Security Manager

Key Duties & Responsibilities:Developing, maintaining, and ensuring approval of the information security policies, procedures, standards, and guidelines.Ensure that detailed security standards and procedures are established, approved, and implemented (IS & Physical).Ensure that enterprise information security governance is properly established and functioning.Review and recommends to Managing Director security policy exception requests.Review the information security Internal/External audit reports and ensure findings are probably addressed in accordance to a mitigation plan.Overseeing vulnerability and threat management activities and ensure findings are probably addressed in accordance to a mitigation plan.Supervise the periodic penetration testing and security reviews for all externally provided services and their technical components to assess the level of protection.Act as general secretary of the information Security Management committee (ISMC)Recommend to Lebara management and concerned stakeholders all information security policies and governance documentation for approval.Develop and maintain Information security Strategy, Information security Policy, Information security architecture and Information security Risk Management process in coordination with Lebara concerned stakeholders.Develop in coordination with concerned Lebara stakeholder awareness, education/training and communication programs for BoD, Senior Management, staff and customer. Also present, supervise, and follow up implementation of those programs.Bring to attention of ISMC major Information Security Incidents and their remedial actions.Maintain an updated information security risk register incorporating the approved risk management mitigation strategies.Maintain an updated information security risk register incorporating the approved risk management mitigation strategies.Review and approve the Information security Risk Assessment plan, Information security Risks and Information security compliance posture.Present to ISMC and BoD the Enterprise Information Security strategy and ensure its alignment with governance security strategy and framework and Lebara's business strategy.Develop required Information Security Key Risk indicators (KRIs) and Key performance indicators (KPI).Carry out the Information security Risk assessment that address people, process, and technology.Maintain an updated information security risk registers incorporating the approved risk management strategies.Monitor of compliance with Information security regulations, policies, standards, and procedures.proactively supporting other functions on cyber security, including:Performing information and system classifications.Determining cyber security requirements for important projects.Performing cyber security reviews.Investigate/guide the investigation of Information security incidents.Gather and analyse threat intelligence from internal and external sources.Conduct information security risk assessments to information assets.Proactively supporting other functions on security IS, in performing information and system classifications; determining Information security requirements for important projects; performing Information security reviews.Defining the cyber security awareness programs.Measure and report the KRIs and KPIs on Information security strategy; Information security policy compliance; IS security standards and procedures; IS security programs (e.g., awareness program, data classification program, key Information security improvements).Managing information security third parties’ vendors’ relationship to achieve the desired objectives of the outsourcing.Periodic reporting on the status of information security to the information security management committee (ISMC) on quarterly basis or on in case of major IS event.Represent Lebara in matters related to IS with regulatory bodies.Requirements:BSc/BA in Cybersecurity, Computer Science, Information Technology, or a related field; professional certification (e.g. CISM, CISSP, ISO27001) is a plus.Excellent written and verbal communication skills in Arabic / English.Minimum of 8 to 10 years of relevant work experience in the field of Cybersecurity.