· Work with Etisalat business units and with other risk management/assurance functions to identify security requirements, using methods that may include risk and business impact assessments
· Implement strategies and plans to achieve security requirements and address identified risks
· Perform control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommends remedial action
· Prepare report on residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
· Ensure the development, documentation and implementation of an agile disaster recovery and business continuity plans.
· Play an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned
· Collaborate on critical IT projects to ensure that security issues are addressed throughout the project life cycle
· Assist in the development of security architecture and security policies, principles and standards
· Develop security processes and procedures and supporting service-level agreements (SLAs) to ensure that security controls are managed and maintained
· Define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems
· Develop and validate baseline security configurations for operating systems, applications, networking and telecommunications equipment
· Assist in resolving negative audit findings reported by Etisalat internal or external auditors
· Assist system administrators (and other IT staff) in the resolution of reported security incidents
· Participate in security investigations and compliance reviews as requested by internal or external