Information Security Manager (SOC Operations)

Location :- Abu Dhabi (Head Office)Brief about company :-Mazrui International is a diversified holding group with businesses across different industries such as Financial Investments, Oil & Gas, Oilfield Engineering Services, Manufacturing, Chemicals, Real Estate, Construction Trading, Distribution, Transportation, Logistics, Retail, Hospitality, Education etc.Website:-https://www.mazruiinternational.ae/ (Main Holding Group)Designation :- Information Security ManagerReporting to :- Group IT DirectorJob Objective :- The Information Security Manager will report to the Group IT Director and lead the organization’s security strategy and operations, ensuring robust protection of infrastructure, systems, and data. This role is accountable for SOC Operations, Incident Management, and enforcing IT Compliance and Governance. The ideal candidate will have deep expertise in security standards (such as ISO 27001), network security, cloud security (preferably AWS), data security, and API integration security.Key Responsibilities/Duties:SOC Operations & Incident ManagementOversee Security Operations Center activities, including monitoring, detection, and response. Lead incident response processes and ensure timely resolution of security events.Audits, Control, Compliance & GovernanceEnforce IT compliance and governance frameworks across the organization.Maintain alignment with ISO 27001 and other relevant security standards.Plan and execute internal and external security audits.Manage audit findings and drive remediation efforts to closure.Oversee internal cybersecurity training programs and enforce compliance.Design and implement information security policies, procedures, and controls.Architecture & InfrastructureDesign and maintain security schematics for information architecture and technology infrastructure.Integrate security into system and network designs.Risk, Incident, and Change ManagementEnsure secure infrastructure and systems operations through proactive risk management.Own and develop risk management frameworks and incident/change management processes.Ensure security considerations are embedded in all IT changes.Cloud, Data & API SecurityConduct regular vulnerability assessments and penetration tests to identify and mitigate risks.Implement and maintain strong security measures for cloud environments (AWS preferred).Secure API integrations and ensure compliance with best practices.Ensure encryption, access control, and secure configurations across all systems.Adhere to regulatory requirements (e.g., UAE Data/Privacy laws, ISO 27001) and internal security policies.Business Continuity & Disaster RecoveryCreate and maintain Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP) aligned with organizational objectives.Identify critical systems and processes, assess potential threats, and define recovery strategies.Establish clear communication channels for crisis management and stakeholder updates.Experience Required:A minimum of 7 years of relevant experience in Information Technology.Must have senior Cyber Security experience of at least 4 years.Must have SOC Operations experience.O365 Administration & Security ControlsCloud Hosting Security (preferably AWS)Information Security Governance and controls for IT Operations and Information SecurityChange Management, Risk Management, Incident ManagementIT Standards Compliance Implementation, preferably ISO 20000/20001Competencies Requirements:Communication: Ability to listen, adapt, persuade, and transform. Excellent written and verbal communication.Vendor Management: Ability to efficiently manage suppliers, partners, vendors and their projects and deliveries.Project Management: Ability to efficiently manage complex and long-term projects and their related tasks, team activities, reporting and deliverables.Innovation: Ability to make new and useful ideas work.Collaboration: Excellent Collaborative skills across all levels of business & IT.Attitude: Proactive and positive attitude in all job responsibilities.Mindset: Strong Business acumen, an analytical mind.Ability to link strategic objectives to product deliverables and see ‘the big picture’ whilst diving into details as required.Ability to communicate complex problems and solutions in simple and impactful ways.Qualifications:Bachelor’s Degree in Information Technology, Information Security, or related domainPreferably with CCIE, CISSP or Equivalent CertificationsPreferably with Security Standards Certifications (ISO, etc.)Please apply by attaching your CV only if you have relevant experience and qualificationsDue to high volume of applications, only shortlisted candidates will be contacted