Job Description

Description

The Information Security Officer is responsible for developing and maintaining the hospital's information security framework. The role involves overseeing security operations, ensuring compliance with Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS), and contributing to key projects such as SOC (Security Operations Center) implementation, SIEM, and Data Loss Prevention (DLP) systems.

Essential Job Functions and Key Accountabilities:

Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program. Execute periodic and ad-hoc compliance checks and cyber risk assessments in alignment with mandated cyber security policies and guidelines. Recommend and implement remedial actions for non-compliance issues. Contribute to Risk Management Framework documentation and activities (e.g., system life-cycle support plans, operational procedures, maintenance training materials). Participate in risk governance processes to evaluate and address security risks. ?Lead and Monitor the implementation of SOC and SIEM solutions. Oversee DLP strategies and governance. ?Perform regular audits, security scans, and risk assessments. Define and enforce security protocols, policies, and procedures. Ensure compliance with UAE regulations and international standards. Conduct cyber security awareness training for staff. Collaborate with IT and clinical departments to integrate security into all systems and workflows. Investigate and respond to security incidents and breaches.

Competency Standards

?

Clinical/Technical Competencies:

?

Cyber security and privacy principles (confidentiality, integrity, availability).? Networking protocols and network security threats. Laws, regulations, and ethics related to cyber security.? Information classification and compromise procedures. Security scanning, vulnerability assessments and penetration testing.? ?PHI (Personal Health Information) data protection standards. Security architecture, including topology, protocols, and components.? ?Experience with SIEM tools. DLP platform experience ? Familiarity with Firewalls, IDS/IPS, and Endpoint Protection. Microsoft Azure and Office 365 security solutions.? ISO 27001 and/or ADHICS implementation experience preferred.

Qualification

Bachelor's Degree in Information Technology, Computer Science, or Cybersecurity.

Diploma holders with strong relevant experience may be considered.

Experience

3-5 years of professional experience in Information Security.

Minimum 2 years of

hands-on experience

with

DLP

and

SOC/SIEM

projects.