Duties and Responsibilities Lead the management and operation of the Information Security Management System (ISMS) for Masarat for IT & Financial Services · Review all ISMS policies, procedures and other core ISMS framework documents like Statement of Applicability (SOA), Catalogue of Documents (CoD) etc, for all in-scope departments and ensure they are all updated. · Manage the ISMS risk management program by reviewing all existing asset registers and risk registers. · Collaborate with the Masarat for IT & Financial Services stakeholders on a regular basis to ensure the ISMS operates smoothly and continuously improves. · Conduct meetings with the Management Forum and Information Security and tracking the minutes of meetings and agenda. · Liaison with external auditors from certification agency to ensure all scheduled surveillance audits are completed as planned. · Manage all internal and external audit findings and ensure their remediation on an agreed schedule with the respective Masarat for IT & Financial Services portfolio managers. · Drive continuous improvements of the ISMS by designing and implementing effective metrics. · Support the various ISMS roles with their responsibilities as documented in the ISMS operations manual. · Regularly review the scope of the ISMS and ensure it remains relevant for member firms, clients and regulators. · Escalate risk and issues relating to the management and operation of the ISMS to Masarat for IT & Financial Services, MITF CISO and other interested parties as appropriate. · Maintain ISMS portal and documentation up to date. · Manage ISMS communications · Report ISMS status to Masaraat for IT & Financial Services stakeholders and the MITF CISO Benefits Employment contract will be for an initial one-year term (with a three-month probation period) with possibility of renewal.Working hours according to the Libyan Labour Law.Company will process INAS (social contributions).Company will cover partial medical expenses.Training opportunities.Masarat prides itself on its collegial and supportive working environment, which allows space for personal and professional growth. Job Requirements 46 years in information security of which minimum of 3 years of business experience in running an ISMS based on ISO27001:2013.Must be a certified lead implementer or a certified lead auditor on ISO27001:2013.Professional security qualifications such as CISSP and/or CISM preferred.Applicant must be willing to obtain certification, if they are not already certified.Knowledge of key principles and framework surrounding an Information Security Management System (ISMS) and preferably with other related frameworks like ISO27003, ISO27005, ISO27017 and ISO27018.Good knowledge of regional issues and structures, ability to work with people from many different cultural backgrounds.Strong ability to multi-task and work independently within a MITF team.Methodical approach to work, attention to detail and delivery of high-quality results.Excellent interpersonal and communication skills.Fluent in English.Minimum bachelor’s degree from an accredited college / university (preferably in Computer Science, Computer Engineering, Information Security, Management Information Systems or other relevant field) – Masters (post-graduate) degree a plus. How To ApplySend your CV to
قدم سيرتك الذاتية الان
اضغط هنا لاظهار البريد الالكترونى
قدم للوظيفة بدون تسجيل بالبريد الالكترونى! 