Vp Information And Data Security

Description:

Zed Consulting is looking for candidates for the position of VP Information and Data Security.

Location: Dubai, UAE (On-site)
Industry: Software Development and IT Services

Key Responsibilities:

--Security Strategy & Governance
Develop and lead a company-wide cybersecurity strategy aligned with business goals, regulations, and evolving threats.
Implement governance frameworks, policies, and controls to safeguard sensitive patient data, research information, and IP.
Collaborate with executives to align security investments with risk tolerance and operational needs.
Present cybersecurity risks, strategies, and incident updates to the Board and Executive Leadership.
Launch a comprehensive data classification and governance program to protect all GeneDx data.

--Risk Management & Compliance
Lead enterprise cybersecurity risk management, including threat intelligence, assessments, and mitigation plans.
Ensure compliance with HIPAA, SOC2, PCI, ISO 27001, SOX, and other relevant regulations.
Manage third-party risk, ensuring vendor compliance with security standards.
Oversee audits, penetration tests, and vulnerability assessments to identify and reduce risks.

--Security Architecture & Operations
Direct security architecture across cloud, on-prem, and hybrid environments.
Lead incident response, ensuring quick containment and recovery from cyber events.
Manage security operations, including SOC, SIEM, threat intelligence, and endpoint protection.

--Executive Engagement & Collaboration
Serve as a strategic advisor to executives, integrating security into business and digital transformation.
Foster cross-functional collaboration to embed security into all areas—legal, tech, product, and more.
Drive enterprise-wide security awareness programs to build a security-first culture.
Collaborate on business continuity and disaster recovery planning.

--Leadership & Team Development
Build and lead a high-performing, inclusive security team.
Promote a culture balancing innovation with risk mitigation.
Manage security budgets and resources to support business objectives.

Qualifications
-- 10+ years in cybersecurity or IT risk management, with 8+ years in leadership.
-- Proven success in building security programs in healthcare or biotech.
-- Deep knowledge of regulatory frameworks: HIPAA, GDPR, ISO 27001, PCI, SOX, FDA.
-- Expertise in cloud security (AWS, Azure, OCI), IAM, SIEM.
-- Strong communicator with the ability to align cybersecurity with business impact.
-- Experience in incident response and digital forensics.
-- Background in securing digital products and platforms.
-- Bachelor’s in Cybersecurity, Computer Science, MIS, or related field.
-- Relevant certifications: CISSP, CCISO.