Company DescriptionWho we areB&S is a company in the consumer goods industry with a very strong global network. We provide unmatched reach in the field of consumer goods, connecting suppliers and consumers all over the world.The security compliance officer's role is to ensure the secure operation of the B&S information assets in accordance with our internal processes, procedures, and compliance requirements as per the relevant ISO standards, regulatory frameworks applicable to B&S and industry best practices.Key Responsibilities
Oversee and improve the information security programs, including data protection, risk management, compliance, and information security testing.
Establish information security audit policies and procedures relevant to CMMC, SOC2, ISO 27001, ISO 22301, ISO 38500, PCI-DSS.
Develop, implement, and maintain internal ITSC audit policies and procedures in accordance with local and international best practices.
Conduct scheduled audits on information assets and processes as required in order to maintain certifications and compliance certificates.
Evaluate compliance of B&S processes, procedures, systems, and applications against the requirements of ISO 27001, ISO 22301, ISO 38500, PCI-DSS, CMMC, and industry best practices.
Monitor advancements in information security and privacy laws to ensure organizational adaptation and compliance.
Prepare audit reports required for senior management, regulators, and other relevant stakeholders.
Assist with initiatives relevant to compliance certification and regulatory bodies.
Review all new products, systems, or processes to ensure compliance against required standards, frameworks, and best practices.
Deploy, manage, and maintain security audit platforms.
Collaborate with the IT Risk & Threat Analyst and Cybersecurity Analyst to ensure threats and vulnerabilities are promptly identified and communicated to relevant business stakeholders for remediation.
Key Deliverables
Develop internal audit policies and procedures in accordance with local and international best practices
Conduct internal audits as per the internal ITSC audit schedule and framework
Evaluate compliance of B&S processes, procedures, systems and applications against the requirements of B&S' certification initiatives
Deliver audit reports/findings and status of the remediation of audit findings to stakeholders
Propose continuous service improvements based on audit findings
Qualifications
Bachelor's degree in Computer, with IT audit or compliance experience
5+ years of IT experience with a focus on security and compliance
Knowledge and understanding of ISO 27k, PCIDSS, GDPR, NIST, ISO Certifications and SOC-2 information security standards and/or frameworks
Experience writing policies, procedures, and controls in one or more standards/frameworks
Knowledge of computer networking concepts and protocols and network security methodologies
Knowledge of risk management processes, cyber threats and vulnerabilities
Experience with risk management in both a compliance and security context
Ability to work in a fast-paced environment and the skills to deal with ambiguity
Ability to handle multiple competing priorities
High-level of attention to detail and be a self-starter with the ability to work independently, multi- task, and adjust to shifting priorities
Professional information security certifications like ISO 27001, CISA, CISM, or other relevant security-related designations would be an advantage
Additional InformationWe offer you
Competitive salary fitting with your experience, along with discretionary annual performance-based bonus
Company sponsored visa along with health insurance
Leave benefits as per UAE labour law
Annual return air-ticket to your home country
Opportunity for professional growth and development
Dynamic and collaborative work environment
Being a part of leading International trading company with global presence