About Us The ENTERTAINER is a leader in the Lifestyle industry, providing our members with exclusive access to 2-for-1 vouchers for dining, delivery, attractions, shopping, and travel across the GCC, Singapore and South Africa. We are dedicated to pushing the boundaries of customer satisfaction and business growth, continuously innovating to enhance the way our users engage with entertainment. Join us as we strive to transform the entertainment landscape through creativity and innovation. About the Role As a key member of the Information Security and Compliance Team, the Information Security and Compliance Engineer is responsible for ensuring the organization meets legal compliance requirements related to Information Security, Data Protection, and Privacy under local and international laws.
This role will focus on ensuring the organization adheres to ISO 27001, PCI-DSS, and other relevant laws, regulations, and industry standards related to information security. The Information Security and Compliance Engineer will collaborate with various departments to identify risks, develop policies and procedures to mitigate them, and continuously monitor the effectiveness of the organization's security measures. This includes overseeing controls, incident response procedures, and conducting regular assessments to improve the information security program.
Key Responsibilities
Develop and maintain an information security compliance program that aligns with all applicable laws, regulations, and industry standards.
Collaborate with cross-functional teams to identify potential risks and create policies and procedures to mitigate these risks.
Monitor and evaluate the effectiveness of the organization's information security program, including the implementation of security controls and incident response protocols.
Conduct regular audits to ensure compliance with relevant security standards and regulations.
Develop and deliver security awareness training programs for employees and third-party vendors, ensuring alignment with ISO 27001 and PCI-DSS compliance.
Serve as the primary point of contact for all information security compliance inquiries.
Actively participate in the incident response process, managing investigations, containment, and resolution of security incidents.
Stay informed of new and emerging security threats and vulnerabilities, and collaborate with stakeholders to develop appropriate response strategies.
Keep up to date with changes in relevant regulations and standards to ensure the organization maintains compliance.
Report on compliance issues and maintain comprehensive documentation related to information security and compliance efforts.
What we're looking for
A Bachelor's degree in Information Security, Computer Science, or a related field.
A minimum of 2 years of experience in information security compliance or a related field.
Strong understanding of relevant security standards and regulations, such as ISO 27001, GDPR, HIPAA, PCI-DSS, FIPS, etc.
Excellent communication and interpersonal skills.
Ability to work both independently and collaboratively within a team environment.
Strong analytical, problem-solving, and risk-management skills.
Experience conducting information security audits.
Relevant certifications (e.g., ISO 27001, CISA, CISSP) are highly preferred.
Benefits
Competitive salary and comprehensive benefits package.
Opportunity to work with a dynamic and innovative company.
A chance to contribute to the growth and success of a well-established UAE brand.