Senior Security Specialist

About the role

The Senior Security Specialist will lead AZADEA Group’s information security program, ensuring the confidentiality, integrity and availability of data across more than 700 stores in the Middle East and Africa. Working closely with senior management, you will design, implement and continuously improve security policies, controls and risk‑mitigation strategies.

Key responsibilities

• Develop, maintain and enhance the security program in line with ISO/IEC 27001, ISO/IEC 27002 and local regulations.
• Conduct gap assessments against standards such as ISO 27001 and GDPR, and recommend remediation.
• Monitor emerging laws, regulations and industry practices to ensure ongoing compliance.
• Perform information‑security and privacy risk assessments and define mitigation plans.
• Design, implement and monitor security controls for systems, networks and IT infrastructure.
• Manage security incidents, conduct root‑cause analysis and drive corrective actions.
• Coordinate with IT owners to embed security controls across all environments.
• Liaise with external auditors, authorities and third‑party vendors on audits and compliance.
• Oversee vulnerability detection, remediation and threat‑mitigation programs.
• Provide guidance on data classification, asset protection and business continuity planning.
• Develop and deliver security policies, procedures, awareness programs and training.
• Prepare concise reports on risks, incidents and overall security posture for management.

Required profile

• Senior‑level professional with proven experience in information security program management.
• Fluent in English and Arabic; French is a plus.
• Strong communication skills to interact with senior leadership, auditors and external partners.
• Ability to work independently and coordinate cross‑functional projects.

Required skills

• In‑depth knowledge of ISO/IEC 27001 and ISO/IEC 27002 frameworks.
• Experience with GDPR and other data‑protection regulations.
• Vulnerability detection and remediation expertise.
• Security incident response and root‑cause analysis.
• Risk assessment methodologies and mitigation planning.
• Design and implementation of security controls across IT environments.
• Business continuity planning and testing.
• Proficiency with MS Office for reporting and documentation.