| In this context, the following sections detail the main qualifications, skills and responsibilities related to this position: Job Responsibilities Cyber Security Policies and Procedures Development - Develop and monitor a strategic, comprehensive enterprise information / cyber security risk management program (including strategy, policies, standards, processes, and guidelines) to ensure protection of Buna digital and data assets
- Create, maintain and publish up-to-date information security policies, standards and guidelines
- Ensure cyber security policies, procedures and best practices are communicated across the organization
Security Operations Implementation - Implement and lead the strategy for managing and reporting security incidents and oversee investigations of reported security breaches
- Identify, manage, and minimize information security risks, and provide relevant and timely reports that drive business decisions
- Ensure appropriate administrative, physical and technical safeguards are in place to protect information assets from internal and external threats
- Identify, introduce and implement appropriate procedures to test technical safeguards on a regular basis
- Oversee the development and implementation of appropriate and effective controls to mitigate identified threats and risks
- Align the security and enterprise (reference) architectures, ensuring security requirements are implicit in these architectures
- Manage the daily operations for InfoSec architecture, engineering, operations center, secure development lifecycle, and governance functions across on-premise, hybrid cloud, and cloud capabilities
-
Information Security Program Management - Report regularly on current status of the information security program
- Keep abreast of latest cybersecurity technologies and innovations
- Create and manage a targeted information security awareness training program
- Manage InfoSec vendor relationships and optimizing value from these relationships
- Research, investigate and implement measures that address data security risks and potential losses
Identity and Access Management - Monitor and maintain application user access across the IT portfolio
- Maintain on time on-boarding and off-boarding for identified IT environments
Cybersecurity Incident Mitigation - Follow-up on detected security issues and implement solutions to mitigate risks
- Oversee threat monitoring activities, take preventive actions and advise relevant stakeholders on the appropriate course of action and response to such threats
- Own the cybersecurity incident and vulnerability management processes from design to implementation
Threat Analysis and Monitoring - Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters
Qualifications and Skills Experience & Education - 10+ years of experience in IT, with at least 5+ years in Information Security, preferably in banking
- Prior experience developing and maintaining an information security program
- Experience with information security frameworks
- Graduate degree from a reputable university preferably in computer science or any related field
- Relevant security certifications (CISA, CISM, CERT, CISSP, GSEC, CCSP, GIAS, CEH or OCSP) are preferred
Skills - Knowledge of information security frameworks, cyber security policies and procedures, statutory and regulatory compliance, security operations, cybersecurity incident response, identity and access management and further threat analysis and monitoring
- Excellent communication skills (oral and written) with ability to effectively communicate by telephone, face to face, email and written
- Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint)
- Excellent organization and time management skills, and ability to work on own initiative, accurately to tight deadlines, and to prioritize between conflicting demands
- Ability to handle multiple tasks with tight deadlines simultaneously
- Effective team player and excellent relationship building skills with ability to demonstrate a high level of discretion and positive attitude with all internal and external stakeholders
- Ability to maintain the highest level of confidential/sensitive information and professionalism
- Flexibility and readiness to work beyond regular working hours and as required
Languages - Fluent in English & Arabic
|
