Specialist Information Security at Tabreed in Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates | Kablio

Role

Description

security assessments

risk analysis

security architecture

compliance monitoring

vendor management

incident response

Coordinate & conduct black/white box security assessments with industry standard security tools
Maintain a working knowledge of current cybercrime tactics.
Collaborate with other members of the cybersecurity team to develop new protocols, layers of protection, and other both proactive and defensive systems that stay one step ahead of cyber criminals.
Analyse current risks and identify potential risks in responsibility
Regular generation of reports for executives and administrators
Manage budgets, maintain financial forecasts, develop, and present business cases
Lead efforts to evaluate and select vendors for security assessments, penetration testing, and other similar security services
Create solutions that balance business requirements with information and cybersecurity requirements
Lead the development of a risk reduction strategy for the protection of Tabreed critical systems and associated critical digital assets (CDAs).
Lead the evaluation of the potential impact of implementing difference cyber risk reduction methods (i.e., cyber security controls) with in the IT infrastructure.
Make appropriate recommendations for security enhancements to the line manager or any external vendor providing services including tools, technologies, services, policies, procedures, and other areas as needed
Development of threat prevention strategies
Comply with Health, Safety and Environment Policies (mandatory for all)
Regularly review the operation of security controls and recommend changes designed to improve effectiveness and/or counter emerging risks
Participate in and lead design sessions with Finning personnel as well as external parties.
Assist with designing the governance activities associated with ensuring compliance with Information Security Policies.
Work independently on technical issues and recommend design solutions.
Lead the development of a risk management strategy to include a cyber security control implementation strategy for effective and sustainable risk reduction.
Act as the primary interface with the Tabreed stakeholders to architect the defensive model and implement cyber security controls across Tabreed IT & OT systems for desired risk reduction.
Establish objectives and milestones and manage activities to deliver high-quality results within budget and schedule
Leads the creation of deliverables related to design and analysis of technology solution to ensure that solution meet business and operation needs.
Report the risk tailored to the relevant audience
Develop and implement software security compliance program that takes a risk-based approach to ensure appropriate compliance to policies/standards/guidelines
Design, Build, Implement and support an Enterprise-class security systems.
Attend all regular, special, and emergency meetings regarding cyber and information security
Develop, support, and advance strategies, policies, programs, and projects designed to continually improve and enhance cyber and information security posture and resiliency
Build risk awareness amongst team by providing support and training
Maintain security guidelines, procedures, standards, and controls documentation
Monitor and ensuring compliance to standards, policies, and procedures.
Lead the development of a corrective action plan for achieving desired risk reduction and maturing program elements.
Lead the conduct of a cyber-security self-assessment initiatives based on international standard, national standards, and state of practice.
Assess the Tabreed’s defensive strategy and the implementation of the cyber security program.
Work with multiple stakeholders to identify areas for cyber risk reduction on the IT Infrastructure and OT systems.
Oversee compliance with applicable laws, rules, and regulations related to cyber and information security
Communicates with senior leadership on cyber security strategic issues and current risks.
Assist in establishing key performance indicators to monitor changes in cyber risk.
Define high-level migration plans to address the gaps between the current and future state, typically in sync with the budgeting or other planning processes.
Contribute to awareness and outreach efforts both internally and externally
Direct and oversee the evaluation of security tools and make acquisition recommendations to the IT Security Manager
Provide an evaluation on current milestone delivery and regulatory compliance.
Research new technology to determine what would best support their organization in the future
Lead the analysis of the current technology environment to detect critical deficiencies and recommend solutions for improvement Conduct incident response analyses; develop.
Follow the international framework designed to standardize the selection, planning, delivery, and maintenance of IT services within a business
Act as a liaison with the UAE regulatory authority, to validate cyber security performance meets or exceeds regulatory expectations for protection against the design basis threat.
Consult on application or infrastructure development projects to harmonize systems or infrastructure.
Design security architecture elements to mitigate threats as they emerge.
Work with the compliance team to establish policies/standards/guidelines to ensure systems record user activities and access to sensitive data in support of insider risk management
Security systems development, testing, analysis, and implementation

Requirements

cissp

azure

siem

incident response

5+ years

bachelor’s

High level of personal integrity as well as the ability to professionally handle confidential matters and to show an appropriate level of judgment and maturity
Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring.
Hands-on experience running mission-critical cybersecurity operations
Self-starter, accountability, and the ability to work with little supervision
Experience in threat management and threat intelligence.
Broad knowledge across all areas of the Technology Architecture domain including Cloud Computing (IaaS, PaaS, AWS, Azure etc.) Data Center, Data Storage Technologies, Virtualization, server platforms (Windows and Linux), Desktop, mobility solutions, systems monitoring/management, data protection, high availability/clustering, network (WAN/LAN/WLAN etc.), Security (Firewall, IDS/IPS, VPN etc.)
Ability to quickly comprehend the functions and capabilities of new technologies
Response to security threats, attacks, and similar events
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Flexibility to work in shifts as required
Bachelor’s degree holder in Computer Science/Engineering or equivalent Knowledge
Experience with contract and vendor negotiations, and expertise in negotiating complex contracts and managing vendors, including design, and tracking of Service Level Agreements (SLAs)
Project management skills: financial/budget management, scheduling, and resource management
Proven experience building a service-oriented organization and driving or promoting a service delivery model
Minimum 5 years’ experience in Information Technology (IT) & Operational Technology (OT) Cyber security
Knowledge of many, if not most, aspects of information security architecture Understanding of network and enterprise architecture Certifications: CISSP or CISM , Network and security , Microsoft Azure Administrator Certification and Industrial Cybersecurity
Ability to understand the long-term ("big picture") and short-term perspectives of situations
Exhibit excellent analytical skills and the ability to manage multiple projects under strict timelines as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
Familiar with the basic principles of organizational change management, and understanding of how to apply these principles
Ability to estimate the financial impact of risk mitigation alternatives
Experience in security device management and SIEM.
Risk Management (mandatory; line manager discretion)
Due to nature of 24/7 operation may be required to work after hours or on weekend
Strong proficiency in Incident Management and Response.
Demonstrate a solid understanding of infrastructure, virtualization, cybersecurity standards, and operating procedures.
Ability to develop a comprehensive understanding of Finning’s business, market and industry and relate that knowledge to identified operations and IT-related risks

Benefits

Limited travel to project sites

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found

Company

Overview

1999 District Cooling Plant

First Regional District Cooling Plant

Launched in Abu Dhabi, marking the beginning of significant infrastructure development in the region.

1.3 Million Refrigeration Tons

Cooling Capacity

Provides cooling solutions for iconic landmarks, showcasing advanced infrastructure capabilities.

2023 Geothermal Plant

Geothermal Cooling Innovation

Launched a geothermal cooling plant, leading the way in sustainable energy solutions.

Grew from a 3-person startup to a publicly listed company owning and operating over 90 plants across multiple countries including UAE, Saudi Arabia, Oman, Bahrain, India, and Egypt.
Financially solid and publicly traded on Dubai Financial Market, supports major regional expansions via sukuk and bond issuances.
Expertise spans design, build, operation, and maintenance of district cooling networks, often integrated with projects like metros, malls, hospitals, and mixed-use complexes.
Innovates with AI control systems and renewable-energy trials.

Culture + Values

Prioritize health, safety, and environmental responsibility in all operations.
Strive to exceed customer expectations by providing reliable, sustainable solutions.
Act with honesty and transparency in every aspect of business.
Pursue continuous improvement in performance, products, and services.
Embrace new technologies and ideas to drive growth and efficiency.
Foster a culture of teamwork and shared responsibility.

Environment + Sustainability

1.7 Million Tons CO2 Saved

Annual Emissions Reduction

Reduction in carbon emissions achieved through efficient district cooling systems.

Committed to achieving Net Zero emissions by 2050.
Utilizes energy-efficient district cooling systems.
Focus on renewable energy sources for cooling networks.
Operates with sustainable practices in UAE's built environment.

Inclusion & Diversity

Articles

Tabreed launches ‘Tabreed Cares’ initiative

Tabreed Successfully Issues USD 700 Million Green Sukuk

Tabreed Energy Services Launched

Role

Description

security assessments

risk analysis

security architecture

compliance monitoring

vendor management

incident response

Coordinate & conduct black/white box security assessments with industry standard security tools
Maintain a working knowledge of current cybercrime tactics.
Collaborate with other members of the cybersecurity team to develop new protocols, layers of protection, and other both proactive and defensive systems that stay one step ahead of cyber criminals.
Analyse current risks and identify potential risks in responsibility
Regular generation of reports for executives and administrators
Manage budgets, maintain financial forecasts, develop, and present business cases
Lead efforts to evaluate and select vendors for security assessments, penetration testing, and other similar security services
Create solutions that balance business requirements with information and cybersecurity requirements
Lead the development of a risk reduction strategy for the protection of Tabreed critical systems and associated critical digital assets (CDAs).
Lead the evaluation of the potential impact of implementing difference cyber risk reduction methods (i.e., cyber security controls) with in the IT infrastructure.
Make appropriate recommendations for security enhancements to the line manager or any external vendor providing services including tools, technologies, services, policies, procedures, and other areas as needed
Development of threat prevention strategies
Comply with Health, Safety and Environment Policies (mandatory for all)
Regularly review the operation of security controls and recommend changes designed to improve effectiveness and/or counter emerging risks
Participate in and lead design sessions with Finning personnel as well as external parties.
Assist with designing the governance activities associated with ensuring compliance with Information Security Policies.
Work independently on technical issues and recommend design solutions.
Lead the development of a risk management strategy to include a cyber security control implementation strategy for effective and sustainable risk reduction.
Act as the primary interface with the Tabreed stakeholders to architect the defensive model and implement cyber security controls across Tabreed IT & OT systems for desired risk reduction.
Establish objectives and milestones and manage activities to deliver high-quality results within budget and schedule
Leads the creation of deliverables related to design and analysis of technology solution to ensure that solution meet business and operation needs.
Report the risk tailored to the relevant audience
Develop and implement software security compliance program that takes a risk-based approach to ensure appropriate compliance to policies/standards/guidelines
Design, Build, Implement and support an Enterprise-class security systems.
Attend all regular, special, and emergency meetings regarding cyber and information security
Develop, support, and advance strategies, policies, programs, and projects designed to continually improve and enhance cyber and information security posture and resiliency
Build risk awareness amongst team by providing support and training
Maintain security guidelines, procedures, standards, and controls documentation
Monitor and ensuring compliance to standards, policies, and procedures.
Lead the development of a corrective action plan for achieving desired risk reduction and maturing program elements.
Lead the conduct of a cyber-security self-assessment initiatives based on international standard, national standards, and state of practice.
Assess the Tabreed’s defensive strategy and the implementation of the cyber security program.
Work with multiple stakeholders to identify areas for cyber risk reduction on the IT Infrastructure and OT systems.
Oversee compliance with applicable laws, rules, and regulations related to cyber and information security
Communicates with senior leadership on cyber security strategic issues and current risks.
Assist in establishing key performance indicators to monitor changes in cyber risk.
Define high-level migration plans to address the gaps between the current and future state, typically in sync with the budgeting or other planning processes.
Contribute to awareness and outreach efforts both internally and externally
Direct and oversee the evaluation of security tools and make acquisition recommendations to the IT Security Manager
Provide an evaluation on current milestone delivery and regulatory compliance.
Research new technology to determine what would best support their organization in the future
Lead the analysis of the current technology environment to detect critical deficiencies and recommend solutions for improvement Conduct incident response analyses; develop.
Follow the international framework designed to standardize the selection, planning, delivery, and maintenance of IT services within a business
Act as a liaison with the UAE regulatory authority, to validate cyber security performance meets or exceeds regulatory expectations for protection against the design basis threat.
Consult on application or infrastructure development projects to harmonize systems or infrastructure.
Design security architecture elements to mitigate threats as they emerge.
Work with the compliance team to establish policies/standards/guidelines to ensure systems record user activities and access to sensitive data in support of insider risk management
Security systems development, testing, analysis, and implementation

Requirements

cissp

azure

siem

incident response

5+ years

bachelor’s

High level of personal integrity as well as the ability to professionally handle confidential matters and to show an appropriate level of judgment and maturity
Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring.
Hands-on experience running mission-critical cybersecurity operations
Self-starter, accountability, and the ability to work with little supervision
Experience in threat management and threat intelligence.
Broad knowledge across all areas of the Technology Architecture domain including Cloud Computing (IaaS, PaaS, AWS, Azure etc.) Data Center, Data Storage Technologies, Virtualization, server platforms (Windows and Linux), Desktop, mobility solutions, systems monitoring/management, data protection, high availability/clustering, network (WAN/LAN/WLAN etc.), Security (Firewall, IDS/IPS, VPN etc.)
Ability to quickly comprehend the functions and capabilities of new technologies
Response to security threats, attacks, and similar events
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Flexibility to work in shifts as required
Bachelor’s degree holder in Computer Science/Engineering or equivalent Knowledge
Experience with contract and vendor negotiations, and expertise in negotiating complex contracts and managing vendors, including design, and tracking of Service Level Agreements (SLAs)
Project management skills: financial/budget management, scheduling, and resource management
Proven experience building a service-oriented organization and driving or promoting a service delivery model
Minimum 5 years’ experience in Information Technology (IT) & Operational Technology (OT) Cyber security
Knowledge of many, if not most, aspects of information security architecture Understanding of network and enterprise architecture Certifications: CISSP or CISM , Network and security , Microsoft Azure Administrator Certification and Industrial Cybersecurity
Ability to understand the long-term ("big picture") and short-term perspectives of situations
Exhibit excellent analytical skills and the ability to manage multiple projects under strict timelines as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
Familiar with the basic principles of organizational change management, and understanding of how to apply these principles
Ability to estimate the financial impact of risk mitigation alternatives
Experience in security device management and SIEM.
Risk Management (mandatory; line manager discretion)
Due to nature of 24/7 operation may be required to work after hours or on weekend
Strong proficiency in Incident Management and Response.
Demonstrate a solid understanding of infrastructure, virtualization, cybersecurity standards, and operating procedures.
Ability to develop a comprehensive understanding of Finning’s business, market and industry and relate that knowledge to identified operations and IT-related risks

Benefits

Limited travel to project sites

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

Information not given or found

Security clearance

Information not given or found