Information Protection Senior Advisor
Cigna
Dubai, United Arab Emirates
منذ 5 يوم

Infrastructure / Application reviews :

  • Partners with the enterprise to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers
  • Performs focused risks assessments of existing or new services and technologies, security architecture, identifies design gaps, risks, and recommends enhancements
  • Communicates risk assessment findings to information security customers, or business partners. Explore risk mitigation controls
  • Serves as an information security expert and trusted advisor to partners in IT and the business
  • Evaluate compliance of operation processes with Information Protection policies and related government regulations
  • Identifies and implements appropriate controls to effectively manage information risks as needed
  • Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing residual risk
  • Maintains strong working relationships with individuals and groups involved in managing information risks across the organization
  • Stays abreast of current and emerging security threats and designs security architectures to mitigate them
  • Service Partner Security Assessment :

  • Plan and perform site reviews of physical and IT facilities, measuring actual conditions against submitted responses. Evaluate IT processes to ensure effective information protection is practiced.
  • Produce site visit reports with improvement recommendation. Track improvement efforts until closure.

  • Perform general walkthrough evaluations of new facilities and processes under consideration. Provide recommendation to business.
  • Meet with vendors and employees to resolve or track compliance issues.
  • Attend demonstrations of applications and prepare reports on potential for data leakage or infrastructure security issues.
  • Review any regular security reports for abnormality
  • Work with supplier chain management on contracts to include security terms.
  • Escalation to the fellow CIP team on security issues related to service partners.
  • Support the Management team (Regional Information Security Officer and Senior Manager) :

  • Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards
  • Work with the RISO on managing security incidents
  • Regular risk & activity reporting
  • Issue tracking with local security teams
  • Review and approval of application / infrastructure changes in terms of security
  • Coordinate CIP initiatives with other countries as required
  • Maintain strong working relationships with individuals and groups involved in managing information risks across the organization
  • Partner with the CIP and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers
  • Stay abreast of current and emerging security threats and security architectures to mitigate the threats
  • Skills Needed :

  • Health Insurance or Health Care Industry experience preferred
  • Ability to multitask and timely execute
  • Ability to grasp and understand complicated relationships
  • Proven Communication skills, able to write and verbally communicate effectively
  • Organizational courage to escalate and resolve risk issues
  • Flexible can adapt to changing organization changing business needs, technological advances and agile methodology
  • Demonstrates technical skills in infrastructure, application and third party security assessments.
  • Self-starter and shows empathy towards business requirements and able to influence changes to facilitate security
  • Experience with assessing and mitigating risk
  • Experience with contracting and negotiations
  • Travel required, approximately 10%
  • Qualifications :

  • BS degree or equivalent experience
  • CISSP, CISA, CISM, CRISC or similar certifications preferred
  • Broad high level knowledge, hands-on experience, and exposure to a wide range of IT subject areas, business, IT & physical controls
  • Strong written and spoken English skills
  • Qualified candidates will typically have 8+ of professional IT experience work experience, and 4 years in information security
  • Experience and working knowledge of PCI DSS & ISO 27001 certification is a plus
  • Experience with process and change management, reporting and incident handling.
  • Demonstrated ability to communicate at high levels, both verbally and in reporting
  • Excellent problem identification, solving and critical reasoning skills.
  • Ability to work successfully with a minimum of supervision in a fast paced and sometimes pressured environment.
  • بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    تقديم
    بريدي الالكتروني
    بالضغط على "استمر" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    استمر
    استمارة الطلب