إرفاق
وصف الوظيفة
Job Purpose
Implement and maintain a robust cybersecurity framework that ensures the organization's compliance with
regulatory requirements for IT & OT. Support the development and enforcement of cybersecurity policies,
standards, and procedures to safeguard information assets. Promote a culture of cybersecurity diligence and
collaborate with cross-functional teams to conduct risk assessments and ensure adherence to industry standards
and best practices.
Position Accountability Description
Governance:
1. Develop and maintain cybersecurity policies, standards, and procedures, ensuring they are up-to-date and aligned with industry regulations.
2. Monitor compliance with cybersecurity policies across the organization, identifying and reporting any deviations.
3. Conduct regular reviews of cybersecurity policies to ensure they reflect the latest threats and regulatory requirements
4. Assist in the preparation and delivery of cybersecurity awareness and training programs for all employees.
5. Support the implementation of governance frameworks that ensure accountability and oversight of cybersecurity practices.
6. Coordinate with legal and regulatory teams to ensure cybersecurity policies comply with national and international laws.
7. Implement cybersecurity awareness training programs to promote a culture of cybersecurity diligence and educate staff on best practices
8. . Monitor the implementation of the cybersecurity strategy and ensure implementation and maintenance of policies, standards, procedures, and guidelines in line with best practices
9. Oversee cybersecurity architecture considering the critical business functions, baseline requirements and systems security requirements.
10.Prepare updates and reports to Cybersecurity Governance, Risk, and Compliance Manager.
11.Comply with All Dammam Airport Policies & Procedures including Safety and reporting hazards.
Risk Management:
12. Conduct thorough cybersecurity risk assessments to identify vulnerabilities and potential impacts.
13. Assist in the development and execution of risk mitigation plans to address identified vulnerabilities.
14. Report on the status of cybersecurity risks to senior management, providing recommendations for mitigation.
15. Monitor emerging threats and vulnerabilities, updating risk assessments and mitigation plans accordingly.
16. Coordinate incident response activities, ensuring timely reporting and effective management of cybersecurity incidents.
17. Evaluate the effectiveness of existing cybersecurity controls and recommend improvements.
18. Implement comprehensive risk assessments to identify potential threats, vulnerabilities, and cybersecurity gaps within the organization's systems, networks, and processes. In addition to and implementing mitigation strategies to minimize risk exposure and enhance the overall security posture.
Compliance:
19. Ensure Dammam Airport cybersecurity practices adhere to relevant laws, regulations, and industry standards (e.g., NCA, GDPR, ISO 27001).
20. Assist in the preparation and facilitation of internal and external cybersecurity audits.
21. Monitor third-party vendors for compliance with the organization's cybersecurity requirements, addressing any non-compliance issues and prepare compliance reports for regulatory bodies and senior management, detailing adherence to cybersecurity standards.
22. Monitor Dammam Airport systems compliance with cybersecurity, resilience, and dependability requirements.
Continuous Improvement:
23. Identify opportunities for enhancing cybersecurity governance, risk management, and compliance processes.
24. Support the implementation of new technologies and tools to improve the organization's cybersecurity posture.
25. Benchmark the organization's cybersecurity practices against industry standards, preparing reports for management review.
Team Collaboration and Development
26. Collaborate with team members to share knowledge, provide support, and participate in activities, fostering a positive work environment and enhancing morale.
27. Engage in continuous learning by seeking feedback, attending training sessions, and staying updated on industry trends to improve personal skills and contribute to organizational goals.
المهارات
· Regulatory Knowledge
· Risk Assessment
· Compliance Monitoring
· Policy Development
· Technical Skills
المؤهلات العلمية
Information Security (IS) or equivalent
