Job Description

• Attending designated change management meetings. Review required changes, identifying gaps, and documenting them within defined SLA, ensuring that changes to systems and applications adhere to security policies and standards.
• Assessing and approving workflows, service requests, and operational procedures within defined SLA to verify adherence to security practices, standards, and industry best practices, thus securing DP World digital assets and infrastructure.
• Data Classification:

+ Establish and maintain data classification policies and standards based on sensitivity and regulatory requirements.
+ Define criteria and guidelines for labeling data according to its level of sensitivity.
+ Ensure adherence to data classification policies across the organization.
+ Monitor and enforce compliance with data handling procedures related to classified information.
+ Conduct regular assessments to verify compliance with data classification standards.
+ Collaborate with internal audit and compliance teams to address findings and implement corrective actions.
+ Provide guidance and support to business units on proper data handling practices and classification requirements.
• Data Loss Prevention (DLP):

+ Deploy and configure DLP tools and technologies to monitor and protect sensitive data.
+ Define and implement DLP policies tailored to organizational needs and regulatory requirements.
+ Monitor DLP alerts and incidents; investigate and respond to potential data breaches or policy violations.
+ Conduct risk assessments to identify vulnerabilities and gaps in DLP coverage.
+ Recommend and implement controls to mitigate risks associated with data loss or leakage.
+ Raise awareness among employees about the importance of data protection and their role in maintaining security.
• Collaborating with the SOC team to respond promptly to security incidents.
• Monitoring alerts generated by the SOC and taking immediate action when necessary.
• Ensuring proactive monitoring of systems to detect potential security threats.
• Managing SIEM Solution:

+ Configure and optimize the SIEM solution for efficient log collection, correlation, and analysis.
+ Fine-tune alert mechanisms to prioritize and respond to security incidents effectively.
+ Monitor security events and alerts generated by the SIEM solution in real-time.
+ Conduct thorough analysis of security incidents to identify potential threats and vulnerabilities.
+ Generate regular reports on security incidents, trends, and mitigation strategies based on SIEM data analysis.
+ Maintain comprehensive documentation of SIEM configurations, incidents, and response activities for auditing and future reference.
• Lead the development and implementation of comprehensive cybersecurity strategies, focusing on IT security architecture, to ensure the protection of our systems and data assets.
• Design, review, and enhance security practices, architecture, and frameworks in alignment with business objectives and compliance requirements.
• Lead security projects from initiation to completion, ensuring they are delivered on time and within budget.
• Security Incident Response:

+ Condect incident response to investigate and respond to security incidents.
+ Participate in post-incident analysis and implement necessary security improvements.
• Collaborate closely with cross-functional teams to integrate security solutions into existing systems and applications.
• Conduct regular security assessments to identify vulnerabilities and recommend solutions.
• Develop and maintain documentation related to cybersecurity policies, procedures, and architecture designs.
• Provide guidance on security best practices and ensure the implementation of security controls throughout DP World.
• Collaborate with internal and external stakeholders to communicate security risks and mitigation strategies effectively.
• Mentor and train new team members on the latest cybersecurity technologies and methodologies.
• Foster a culture of continuous improvement in cybersecurity practices and awareness within DP World.
• Participate in after-hours upgrades, troubleshooting, and/or on-call availability as needed.
• Complete all tasks assigned by line manager.
• Provide consultation and guidance regarding the planning of future security service additions and modifications.
• Research and evaluate new security technologies and recommend implementation of existing and new application software (applications, operating systems, etc.), hardware, and maintenance for performance enhancement.