Manager Data Security & Privacy ( UAE National )

Key Accountabilities:

• To do review of the demands for securing the du solution/platform from Managed Services, IT & Network and build the appropriate data security controls as needed.
• Responsible to manage overall planning, design and implementation of data Security Services programs & projects. 
• Identify technical requirements resulting from contracted products and services and coordinate with Product Design & Specification data security services technology solutions
• To work on internal TSRM security projects in accordance with the business objectives and requirements. 
• To be the expert on Data Security & Privacy projects and initiatives like DLP, Database Activity Monitoring (DAM), IRM, Classification, Encryption, Tokenization, MDM, IAM, Dashboard, PAM etc.
• To develop Security Design based on the assessment for services those are provided over the Telecom/IT infrastructure & Managed Services. 
• Plan and manage proper assessments of cloud security solutions based on the data Security Services plan to ensure that the requirements are designed & implemented as per the agreed quality and timelines.
• To provide guidelines and ensure Security compliance of the solution to du Security requirements such as Vulnerability & Patch management, Terminal Security, Operating System Hardening, High Availability of services and Infrastructure Administration Security.
• To lead the Acceptance Testing Plan (ATP) for security projects for the purpose of evaluating and validating the scope.

Qualifications:

• Bachelors of engineering degree in electronics and communication or computers or electrical and electronic or similar
• Certifications such as Firewall Associate, ITIL, Systems Engineer

Experience:

• Minimum 8-10 years of experience in a similar role in telecommunication industry
• Security Certification CISSP/CISM compared with experience (CISSP-CISM with 4 years / course completion with no certification requires 4-6 years of experience
• Must contain strong knowledge and experience in Security Planning of state-of-the-art technologies; data security & privacy, Identity Manager, Secure Web Gateway, Firewall, SSL VPN, https inspection, Directory Services, OSS technologies
• ISO27001 Lead Auditor or CISM.
• In Depth knowledge and work experience in Large Data Center, Enterprise IT, Telecom Core network etc
• In Depth knowledge and work experience on Application and Data/Information Security
• Good understanding of technical aspects relating to the Telecom and Enterprise Security; Fixed Network, PS-Core, CS-Core, VAS, OSS, IN, IT/BSS

Skills

• Strong skills and experience in a multi-cultural and multinational environment.
• Understanding of technical aspects relating to the entire Telecom including Enterprise IT systems like Active Directory, Exchange, DHCP, DNS, Citrix, ERP and BSS and OSS systems like CRM, BSCS, ACS, AAA, NTP, U 2000, M 2000 etc
• Very good knowledge of data security & privacy, Identity Management solutions to manage user life cycle for Automated Provisioning and de-provisioning.
• Understanding of common security issues & risks as well as knowledge of HIDS/HIPS, Secure Web Gateway, Secure Email Gateway, Network IPS, Forward Proxy, Reverse Proxy, WAF's, ACL management, remote access, VPN etc.
• Strong knowledge of enterprise remote access solution using Citrix technologies like Published App, SSL VPN, Netscaler, Virtual Desktop etc.
• Very good knowledge of telecom networks, change management process, firewall changes, network routing, transport security etc 
• Extensive and wide technical expertise in technologies such as Content Security (WAF, Anti-X), Infrastructure Security (FW,VPN,IDS/IPS), 2-Factor Authentication, Single-Sign-On, One Time Password …), Endpoint Security, Data Leak Prevention, Security events monitoring, Vulnerability/Patch Management etc.