Security Compliance Officer

at  ACENET

Experience: 7 to 12 years
Location: Abu Dhabi
Job code: 100975
Posted on: Aug 08, 2024
Job Summary :
The Security Compliance Officer is responsible for ensuring organizational compliance with all information security obligations. This role includes conducting internal audits on payment systems, facilitating external audits against CIS, ISO & ISMS standards, and maintaining an ISMS. Ideal candidates should have a process-oriented mindset, a collaborative approach, and experience in cybersecurity within the public sector in the UAE.

Responsibilities :

• Develop & maintain Information Security policies, processes, and procedures.
• Organize and facilitate security governance bodies (e.g., Steering Committees).
• Maintain metrics for performance measurement via established monitoring processes.
• Ensure compliance with requirements (e.g., CIS, PCI DSS, ISO 27001+, NESA).
• Report compliance regularly against approved objectives.
• Participate in the established information security audit program.
• Conduct and document information security risk assessments.
• Operate the established security awareness program.
• Educate internal teams on effective security controls.
• Contribute to the Change Advisory Board and relevant service management workflows.
• Engage in Security Testing activities, including those for security incident response.

Preferred Qualifications:

• Bachelor’s degree in Computer Science or a related field, or equivalent experience.
• 7 years of information security experience (2 years in UAE) with a focus on the financial industry.
• Experience auditing Electronic Payment Systems and Card Payment Schemes.
• 5 years in compliance roles maintaining PCI-DSS & ISO27001 ISMS certification.
• Certifications: CISSP, CISA, PCI-DSS Implementer & ISO27001 Implementer.
• Familiarity with Financial Services Industry practices, particularly UAE regulatory and legal compliance.
• Knowledge of NESA / DESC / ISR / ADSIC and UAE Central Bank PSP regulation standards.
• Understanding of cybersecurity implications of financial crime, chain of custody, code of business conduct, and consumer rights.
• Preferred experience at payment processors, card networks, or fintech service providers.

Other Requirements :

• Ability to collaborate with teams to meet SLAs.
• Proficiency in creating and maintaining documentation and reports using MS Word, Excel, Visio, and PowerPoint.
• Ability to work independently with accuracy and minimal supervision.
• Solid knowledge of standards and best practices.
• Understanding of relevant government regulations and ability to maintain compliance.
• Excellent verbal and written communication skills; strong command of English.
• Fluency in Arabic preferred.
• Good interpersonal skills and exemplary professional ethics and personal integrity.
• Collaborative team player with a process-oriented mindset.
• Ability to perform well in a high-pressure environment.

Why Join Us:

• Competitive salary and benefits package.
• Opportunity to work with the latest technologies and tools.
• Collaborative and innovative work environment.
• Professional development and growth opportunities.

How to Apply:
If you are interested in joining our team and meet the qualifications listed above, please submit your resume and a cover letter detailing your experience and why you are the ideal candidate for this position

• Develop & maintain Information Security policies, processes, and procedures.
• Organize and facilitate security governance bodies (e.g., Steering Committees).
• Maintain metrics for performance measurement via established monitoring processes.
• Ensure compliance with requirements (e.g., CIS, PCI DSS, ISO 27001+, NESA).
• Report compliance regularly against approved objectives.
• Participate in the established information security audit program.
• Conduct and document information security risk assessments.
• Operate the established security awareness program.
• Educate internal teams on effective security controls.
• Contribute to the Change Advisory Board and relevant service management workflows.
• Engage in Security Testing activities, including those for security incident response