Senior Officer, Security & Governance

Masdar View all jobs

  • Abu Dhabi
  • Permanent
  • Full-time
  • 2 months ago
Company DescriptionEstablished in 2006, Masdar (Abu Dhabi Future Energy Company) is a global clean energy leader, transforming how the world produces and consumes energy through bold innovation and commercial excellence.Masdar is a clean energy investor, developer and operator, advancing renewable energy projects across key markets and technologies, with a global project portfolio capacity to date of over 51 gigawatts (GW).Jointly owned by TAQA, ADNOC and Mubadala, Masdar is driving the scale-up of renewables worldwide, targeting a portfolio capacity of 100GW by 2030.Job DescriptionTo lead and execute cybersecurity operations and governance activities, ensuring the implementation of robust security controls, risk management frameworks, and compliance measures. The role is responsible for safeguarding the confidentiality, integrity, and availability of customer, employee, and business data while aligning security strategies with organizational goals and industry best practices. This position requires a balanced expertise in security operations, governance, risk management, and compliance to proactively mitigate cyber threats, enforce security policies, and drive continuous improvement in enterprise security resilience.Key Responsibilities
  • Develop, implement and update periodically an advanced information security framework and strategy aligned with Zero Trust Architecture, regulatory requirements, and emerging threats.
  • Provide support on governance and operational security matters to support the achievement of security objectives.
  • Contribute to the establishment, implementation, review and continual improvement of the Information Security Management System ISMS in line with overall security objectives.
  • Execute security policies, standards, procedures, and guidelines, in conjunction with the Security Committee.
  • Assist in conducting investigations of significant security incidents and applying necessary resolutions.
  • Ensure that information security policies and procedures are in place and adhered to.
  • Ensure that security policies and procedures comply with relevant international standards, legal and regulatory requirements.
  • Develop and maintain a risk management program that assesses and mitigates information security risks.
  • Develop and maintain a security roadmap that outlines the implementation of the information security framework and strategy over time
  • Develop, enhance, and maintain an advanced incident management and threat intelligence program that proactively identifies, mitigates, and resolves security incidents using SIEM, SOAR, and AI-driven analytics.
  • Ensure implementation and continuous improvement of ISMS governance structure in alignment with regulatory frameworks such as GDPR, NESA, NCA ECC, HIPAA, and PCI-DSS.
  • Perform security risk analysis for Masdar, particularly with respect to level of cyber threats and external environment affecting IT infrastructure and Masdar as an Organization.
  • Support on the process and documentations for incident escalation, performing incident investigation and closure and ensuring proper reporting.
  • Conduct company-wide data classification assessment and security audits and contribute to remediation plans.
  • Develop and deliver security training and awareness programs to ensure that employees understand their roles and responsibilities related to security governance.
  • Develop and maintain incident response plans that outline the steps to be taken in the event of a security incident.
  • Ensure that incident response plans are tested regularly to identify and address gaps and weaknesses.
  • Ensure that incidents are logged and tracked through to resolution, and that post-incident reviews are conducted to identify opportunities for improvement.
  • Provide regular updates to senior management on the status of incidents and the effectiveness of the incident management program.
  • Develop and maintain incident management metrics and key performance indicators (KPIs) to measure the effectiveness of the incident management program.
  • Monitor and report on incident trends and make recommendations for improvement to the incident management program.
  • Ensure that incident management policies and procedures comply with relevant standards, legal and regulatory requirements.
  • Provide incident management training and awareness programs to ensure that employees understand their roles and responsibilities related to incident management.
  • Perform daily operations and activities related to security and governance in order to ensure the smooth flow of daily activities with minimal interruption to IT services and users.
  • Lead the design, deployment, and management of the network security infrastructure.
  • Design and build solutions to ensure secure remote access.
  • Conduct comprehensive cloud security gap assessments and provided remediation strategies to enhance security posture, specifically addressing and UAE regulatory requirements and international locations.
  • Oversee in defining enterprise security architectures for multi-cloud environments, ensuring that security solutions are scalable and aligned with business objectives.
  • Monitor and report on the security of the organization's information assets, identify security vulnerabilities, and develop solutions to address them.
  • Monitor, audit, and report on compliance with security policies and regulatory requirements while optimizing governance, risk, and compliance (GRC) frameworks.
QualificationsKey RequirementsPreferred Qualifications:
  • Bachelor's degree in, computer science, information systems, cyber security
  • Master's degree in IT Management with focus on Security and Governance is an asset
Preferred Experience:
  • 6-8 years of progressive experience in information security, operations, governance, risk management, and compliance, with expertise in SIEM, SOAR, IAM, and DevSecOps frameworks
Job-Specific Skills:
  • Excellent communication and interpersonal skills
  • Strong analytical and problem-solving skills
  • Knowledge of IT governance, project planning, management, cost and quality control (QA/QC)
  • Deep technical knowledge of security components including but not limited to Next-Gen Firewalls, SIEM, Palo Alto Cortex XSOAR, Splunk, IBM QRadar, Azure Security Center, AWS Security Hub, GCP Security Command Center.
  • Ability to learn quickly and maintain a diverse workload in a fast-paced environment.
  • This role would require candidates to be based in Abu Dhabi
Additional InformationAs part of the application process, we will collect, store and process personal information about you.Masdar will use your personal information in accordance with our which provides details on the purposes for which your data is processed.

Masdar