The Cyber Security Specialist is responsible for protecting the university\'s computers, servers, network, applications, and data against information security threats, such as security breaches, computer viruses, cyber-attacks, etc. Suggests strategies, approaches, and tools necessary to ensure the confidentiality, integrity, and availability of university electronic data.

Main roles & responsibilities

• Develop and direct the implementation of information security standards and best practices.
• Continuously review, implement and maintain effective security policies, procedures, and practices and perform information security-related awareness sessions for university stakeholders, as necessary.
• Develop and assure the implementation of different types of internal AIT audits and assessment activities to ensure continuous improvement within AIT.
• Regularly review AIT compliance with relevant information security policies, procedures, laws, and regulations, and alert VCAIT to any non-compliance findings together with the recommended action plans.
• Analyze information security logs for security violations and anomalies, collect incident responses, and carry out forensic investigations when required.
• Conduct penetration testing activities including network penetration testing, web application penetration testing, wireless penetration testing, and communicate the findings with the mitigation procedures to VCAIT.
• Ensure proper protective and/or corrective measures are taken when an information security incident or vulnerability is discovered within a system or application.
• Implement controls for the execution of risk treatment plans and updates the risk register.
• Ensure the AIT continued compliance and certification for ISO 27001. Be the focal point for AIT for internal and external audits.
• Manage relationships and coordinate with clients and service providers while providing customized security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures.

Required qualification & skills

• 5 years of relevant IT experience including 3 years of experience in a management position
• Bachelor\'s degree in computer science or computer engineering from an accredited university.
• Information security certificates (CISSP and CISM).
• Master\'s degree is an advantage.
• Cisco Certified Entry Networking Technician (CCENT)
• Cisco Certified Network Associate - Routing and Switching (CCNA)
• Cisco Certified Network Associate - Security (

) * Microsoft Technology Associate (MTA) - Windows Server Administration Fundamentals

• AWS native services, especially as related to security and infrastructure.
• Network technologies (protocols, design concepts, access control).
• Security technologies (encryption, data protection, design, privilege access).
• Information security standards and frameworks such as ISMS.
• Interpersonal and communication skills .
• Ability to work effectively with a wide range of constituencies in a diverse community.
• Analytical and problem-solving abilities to identify and fix security risks.
• Ability to lead and execute an audit throughout the end to end process.
• Ability to plan, organize, lead and control.
• Ability to deal with complex issues.
• Ability to gather data, compile information and prepare reports.
• Ability to develop, plan, and implement short- and long-range goals.
• Excellent communication skills in English language; Arabic language is an advantage.

Hamdan Bin Mohammed Smart University