JOB PURPOSE: As part of DP World\xe2\x80\x99s strategy of making global trade flow, and providing end to end logistics solutions to BCOs, we are investing substantially in various technology products and solutions to digitize, optimize, automate and grow our business. These products and solutions are expected to help grow DP World revenue in new logistics businesses from $6B to $12B in 3-5 years. This growth will be a mix of organic business development and inorganic acquisitions. In addition to logistics, including DP World\xe2\x80\x99s Ports and Terminals businesses, the company operates in more than 60 countries around the world. This global expanse of operating businesses have a wide variety of infrastructure and applications, and they must be operated securely, to retain and grow our customers\xe2\x80\x99 trust. As recent trends show, the shipping and logistics industry is increasingly being targeted with sophisticated cyber attacks. As a result, we need a senior leader who will be able to work with the Group CTO, various business COOs, Enterprise Risk and Reslience, Group Compliance, Group Audit, Regional Technology Heads, and other application owners to come up with an overall strategy for cyber security at DP World. They will be responsible for socializing this strategy with the top management, identifying the current security posture, and coming up with a roadmap to achieve the desired posture. They will keep abreast with the latest regulatory requirements wrt customer data protection and privacy, know about the latest cyber security trends, and be able to envision what investments the company would need to make to protect our current and future businesses. The Group Chief Information Security Officer will also provide cyber assurance reports and roadmap to the board and senior management of the company. The ideal candidate is a thought leader, a consensus builder, and an integrator of people and processes. While the EVP - IS is the leader of the cyber & information security program, he or she must also be able to balance disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that security is just one of the business\'s activities. Ultimately, the EVP - IS is a business leader and should have a track record of competency in the field of information security or risk management, with 20+ years of relevant experience, including 7+ years in a significant leadership role in cyber security at a large multinational organization. As the cyber & information security thought leader for our global enterprise, this senior leader will play a critical role in protecting our customers, our employees and our business from the full spectrum of information and cyber security threats.
KEY ACCOUNTABILITIES:

• The role serves as the process owner of all activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization\'s information security policies.
• They will define the acceptable cyber security posture and strategy which is a balance of business risk appetite, business objectives, and cost, while ensuring regulatory needs are met
• They will socialize and align the cyber security strategy and roadmap with key executive stakeholders, get buy-in, and develop an implementation plan, policies and standards
• They will proactively work with business units to implement practices that meet defined policies and standards for information security.
• They will facilitate cyber & information security governance through the implementation of a hierarchical governance program, including the formation of an information & cyber security steering committee or advisory board.
• They will develop a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the cyber security.
• They will periodically report on progress, along with perceived risks and mitigations, to executive management and the DP World board.
• The incumbent will be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
• They will lead & oversee end to end IT security and Cyber Security Risk related risk management and mitigation activities, via a team of talented professionals.
• They will possess sound business acumen and an excellent knowledge of information security framwworks, security engineering and architecture, security operations, and establish a world class team to support cyber security at DP World
• Manage information & cyber security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company\'s reputation.
• Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
• Liaise with external agencies, such as law enforcement and other advisory bodies as necessary, to ensure that the organization maintains a strong cyber security posture.
• They will conduct enterprise and group wide Threat Modelling exercise to identify, assess, and prioritize potential cyber & information security threats and vulnerabilities to DP World systems.
• They will be the key evangelist for security being embedded into the organization\xe2\x80\x99s thinking and ensure that cyber security is part of the design and not an afterthought.
• They will develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
• Develop and enhance an information & cyber security management frameworks based on industry leading standard and frameworks such as NIST, CIS, COBIT, (ISC) 2 etc.
• They will create and manage information security and cyber risk management awareness training programs for all employees, contractors and approved system users.
• Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals. Coordinate the development of implementation plans and procedures to ensure that business-critical services are recovered in the event of a security event. Provide direction, support and in-house consulting in these areas. They will proactively manage risks and enhance the IT & Cyber security posture of the organization, and make stakeholders aware of residual risk

OTHER

• Accountable for leading an engaged team, providing direction and promoting collaboration while ensuring they are enabled to carry out the goals and objectives of the business
• Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World\xe2\x80\x99s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World\xe2\x80\x99s Code of Conduct and Ethics policies
• Perform other related duties as assigned

JOB CONTEXT DP World is a leading enabler of global trade and an integral part of the supply chain. We operate multiple yet related businesses \xe2\x80\x93 from marine and inland terminals, maritime services, logistics and ancillary services to technology-driven trade solutions. We have a portfolio of 78 operating marine and inland terminals supported by over 50 related businesses in over 70 countries across six continents with a significant presence in both high-growth and mature markets. We aim to be essential to the bright future of global trade, ensuring everything we do has a long-lasting positive impact on economies and society. Our dedicated team of nearly 100,000 employees from 110 countries cultivates long-standing relationships with governments, shipping lines, importers and exporters, communities, and many other important constituents of the global supply chain, to add value and provide quality services today and tomorrow. Container handling is the company\xe2\x80\x99s core business and generates more than three quarters of its revenue. DP World handles 70+ million TEU (twenty-foot equivalent units) across our portfolio annually. By thinking ahead, foreseeing change and innovating we aim to create the most productive, efficient and safe trade solutions globally. We consider technology to be at the heart of helping us achieve our ambitions in global trade and are investing heavily in the people and tools required. Given the vastness of our ambitions and existing footprint, our senior technology leaders are critical to our success.
QUALIFICATIONS, SKILLS & EXPERIENCE:

• Bachelors degree in Computer Science, or a related technology discipline required. Degree in business administration is a plus. Equivalent work experience or education-related experience in lieu of degree.
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Office (CCISO), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is highly desired.

Experience

• Minimum of 20 years of experience in a combination of risk management, information security and technology jobs. At least ten must be in a senior leadership role in Information Security. Employment history must demonstrate increasing levels of responsibility.
• Knowledge of common information security, applicable legal and regulatory frameworks, such as CIS, ISO/IEC 27001, ITIL, COBIT, NIST, GDPR, NIS, etc.
• Knowledge and understanding of relevant legal and regulatory requirements, such as PII, PCI DSS and several others
• Proven track record and experience in developing information & cyber security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.
• Knowledge of global requirements.
• Experience with building and leading a high-performing information & cyber security team at a large, global corporation. Experience in working with senior executive leadership in a large, globally-distributed corporate environment.

Skills

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Must be a critical thinker, with strong problem-solving skills.
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
• Project management skills: financial/budget management, scheduling and resource management.
• Ability to influence, lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• Experience with contract and vendor negotiations.
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
• High degree of initiative, dependability and ability to work with little supervision.