Senior Analyst - Information Security and Governance (Emirati talent)

Healthpoint, part of the M42 group, is a multi-specialty hospital based in Abu Dhabi. The hospital includes 10 specialty centers: bariatric (weight loss) surgery & weight loss, dentistry, medical specialties, musculoskeletal medicine, pain management & headache, physiotherapy & rehabilitation, plastic surgery & dermatology, pulmonary & sleep medicine, vascular medicine & surgery, & surgical specialties.

This role plays a critical role in leading the organization’s security initiatives and ensuring the protection of all information assets. The role would also be responsible for designing advanced security solutions, managing complex security projects, and mentoring junior security staff. This position demands extensive experience in information security and a deep understanding of evolving cybersecurity threats.

• Security Strategy Development: Lead the development and implementation of the organization’s information security strategy and roadmap in alignment with business objectives.
• Advanced Risk Management: Perform in-depth risk assessments and vulnerability analyses to identify and mitigate complex security risks. Develop risk management strategies and frameworks.
• Incident Management: Oversee the organization’s incident response process, including detection, analysis, containment, eradication, recovery, and post-incident review. Lead major incident investigations and coordinate with external agencies when necessary.
• Security Architecture: Design and implement advanced security architectures and solutions for the protection of the organization’s information assets. Ensure that security is embedded in the design and deployment of IT systems.
• Leadership & Mentoring: Provide guidance and mentorship to junior security staff, fostering a culture of continuous learning and improvement.
• Compliance & Audit: Ensure that the organization remains compliant with all relevant security regulations and standards (e.g., GDPR, ISO 27001, NIST). Lead security audits and work closely with external auditors.
• Third-Party Management: Evaluate and manage the security posture of third-party vendors and partners. Ensure that third-party risks are identified and mitigated.
• Threat Intelligence: Lead the organization’s threat intelligence efforts, staying ahead of emerging threats, and ensuring the organization is prepared to defend against them.
• Collaboration with Executives: Work closely with the Chief Information Security Officer (CISO) and other executive leaders to communicate security risks and ensure that security initiatives align with business goals.
• Continuous Improvement: Drive continuous improvement in the organization’s security practices through innovation, research, and adoption of new technologies.

• Bachelor’s degree in Information Security, Computer Science, or a related field.

• Atleast 5 years of professional experience in Information Security.
• Experience in risk management, information security, security operations, and security review.
• Must have one of the following industry certification:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM) or
  • Certified Information Systems Auditor (CISA)
• Additional certifications such as CRISC (Certified in Risk and Information Systems Control) or CCSP (Certified Cloud Security Professional) are highly desirable.
• Excellent communication skills with the ability to effectively communicate complex security issues to non-technical stakeholders.