Information Security Manager (Governance & Compliance)

Job Description

Kitopi is the world’s leading tech-powered multi-brand restaurant. With a mission to satisfy the world’s appetite, Kitopi operates a portfolio of both invested and franchised F&amp;B brands, serving as enablers in the food market by helping brands to grow and scale, both in the delivery and dine-in space.<p><br></p>Launched in Dubai, UAE in January 2018, Kitopi has grown to become one of the greatest success stories in the cloud kitchen and food tech space. In July 2021, Kitopi announced its $415 million Series C funding round, led by the world’s largest technology-focused investment fund, Softbank Group Corp’s Vision Fund 2. This investment catapulted Kitopi to the prestigious Unicorn status, making it the fastest Unicorn to have emerged from the MENA region.<p><br></p>As a leading food-tech business, Kitopi’s growth has been largely fueled by its innovative and scalable software solutions. Kitopi’s kitchens are powered by its proprietary Smart Kitchen Operating System (SKOS) – an in-house suite of applications that optimizes cloud kitchen operations in real-time. As part of its growth roadmap, technological innovation, data science, artificial intelligence, and robotics will take center stage as Kitopi continues to reinvent the food industry as we know it today.<p><br></p>With over 4,000 employees, Kitopi currently operates 200+ locations across the UAE, KSA, Kuwait, Bahrain, and Qatar, and runs its engineering hub in Krakow, Poland, its robotics hub in Denmark, and its global customer experience center in Dubai, UAE.<p><br></p>Together with the Product, Engineering, Data, AI, and Robotic departments, we are creating various applications starting from highly personalized selling apps (web &amp; mobile), through the kitchen management system, customer service, delivery, control, and business applications which help us to make decisions and determine the further direction of product development and more. We currently have around 40 applications in microservice architecture and we will constantly be creating new ones.<p><br></p>We seek a highly skilled and experienced Information Security Manager specializing in Governance and Compliance to join our organization. As an Information Security Manager, you will oversee and manage all aspects of information security governance and compliance activities within the company. You will play a vital role in ensuring the confidentiality, integrity, and availability of our information assets and maintaining compliance with relevant industry standards, regulations, and best practices.<p><br></p><strong>What You’ll Do</strong><p><br></p><ul><li>Governance and Compliance Management:</li><li>Develop, implement, and maintain an effective information security governance framework.</li><li>Establish and enforce information security policies, standards, guidelines, and procedures.</li><li>Conduct regular security, risk, and vulnerability assessments to identify and mitigate potential risks.</li><li>Monitor and ensure compliance with relevant industry regulations, standards (Focus on ISO 27001, ITGC, GDPR, PCI-DSS), and contractual obligations.</li><li>Keep abreast of emerging trends, regulations, and best practices regarding information security governance and compliance.</li></ul><p><br></p>Policy and Procedure Development:<p><br></p><ul><li>Collaborate with stakeholders to develop and update information security policies, procedures, and guidelines.</li><li>Ensure policies and procedures align with our markets’ industry standards and regulatory requirements.</li><li>Communicate policies and procedures effectively to employees and provide training as necessary.</li><li>Security Awareness and Training:</li><li>Develop and deliver information security awareness and training programs for employees, contractors, and third parties.</li><li>Promote a culture of security awareness and compliance throughout the organization.</li><li>Regularly assess the effectiveness of training programs and make necessary improvements.</li></ul><p><br></p>Incident Response and Management:<p><br></p><ul><li>Develop and maintain an incident response plan and coordinate incident response activities.</li><li>Investigate and respond to security incidents, breaches, and vulnerabilities promptly and effectively.</li><li>Conduct post-incident analysis and implement corrective actions to prevent similar incidents.</li></ul><p><br></p>Vendor and Third-Party Risk Management:<p><br></p><ul><li>Assess the security posture of third-party vendors and service providers.</li><li>Collaborate with relevant stakeholders to establish and enforce vendor security requirements.</li><li>Conduct due diligence assessments and periodic audits of vendors’ security practices.</li></ul><p><br></p><strong>What Are We Looking For</strong><p><br></p><ul><li>Bachelor’s degree in Computer Science, Information Security, or a related field. </li><li>A master’s degree is preferred.</li><li>Relevant industry certifications such as CISSP, CISM, CRISC, or equivalent.</li><li>Proven experience (10 years) in information security governance, compliance, and risk management.</li><li>In-depth knowledge of relevant industry regulations, standards, and frameworks.</li><li>Strong understanding of security best practices, technologies, and trends.</li><li>Experience in policy and procedure development, security awareness, and training.</li><li>Familiarity with incident response planning and execution.</li><li>Excellent communication, collaboration, and leadership skills.</li><li>Strong analytical and problem-solving abilities.</li><li>Ability to work effectively in a fast-paced, dynamic environment.</li></ul><p><br></p><strong>Recruitment Process and Timeline</strong><p><br></p>First, you apply and let our recruiters review your profile. After reviewing, you will receive a link to book a meeting with a recruiter at your convenience to share more about yourself and for us to get to know you better. If you have been shortlisted, you will have the opportunity to meet our hiring managers. Depending on the scope of the role and the function, you may need to attend 2-3 rounds (which might include case study, role-play, trial, or live coding – this will be communicated to you in the initial conversation). Upon successful completion, your recruiter will get in touch with you to discuss the offer. We aim to take you through this process within 2-3 weeks.<p><br></p><strong>Benefits</strong><p><br></p><ul><li> Extensive learning opportunities – we offer many hard and soft skills training to help you improve and challenge yourself</li><li> You’ll be involved in customized workshops run by Kitopi Academy</li><li> You’ll have a chance to work in an international, diverse, and inclusive environment</li><li> You’ll be part of one of the most caring communities out there.</li><li> Finding a chance to become a shareowner with our ESOP plan (T&amp;C Applies)</li><li> Free and unlimited access to a nutritionist because we care about you</li><li> No Dress Code!</li><li> Extended maternity and parental leave</li><li> The infamous team activities and social events are bursting with fun</li><li> Inclusive Private Health Insurance</li><li> Up to 50% discount from Kitopi brands</li><li> 24 working days annual leave as per the company policy</li></ul><p><br></p><strong>So, what does it really mean to work at Kitopi?</strong><p><br></p>We are constantly striving to make Kitopi the best place to work in the world, by empowering you to be the best version of yourself every day. Our company values act as our guiding principles to help ensure that everyone feels safe, included, and like they truly belong.<p><br></p>Kitopi is an equal-opportunity employer. While we currently operate in 6 countries, we are over 70 different nationalities of talented Kitopians. We celebrate our rich diverse backgrounds, lifestyles, and cultures and have a 0 tolerance policy towards racism, bigotry, and hate. Please apply if you see a position that makes your heart skip a beat and help us build a company that we’re all proud to work for.<p><br></p>Along with offices in all the markets we operate in, we also believe in a “work from anywhere” policy – you get to choose the environment you operate in because we believe this will help you deliver work you’re proud of.<p><br></p>Tech-enabled and customer-obsessed, at Kitopi, we are a team of passionate humans who are on a mission together to satisfy the world’s appetite.