Security & GRC

Client of MigrationIT

Posted on 25 Sep

Experience

3 - 5 Years

Job Location

Egypt - Egypt

Education

Any Graduation

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Develop and update the annual Information Security RCSA review for the Information Security function.

Perform the annual information security review for the IT infrastructure and applications. Maintain technology risk registers on Archer and ensure identified risks are remediated according to security guidelines.

Act as a second eye and checker for IT-RCSA reports to support other functions.

Coordinate with third party assessors to maintain Risk Assessment reports to support bank accreditation (PCI-DSS, ISO 27K, ISO 22301K, etc.) and Attestation.

Coordinate with IT for risk control self-assessment of IT service catalogue services, including defining, monitoring and measuring KPIs and KRIs. Coordinate with internal, external, and regulatory auditors for the security risk management domain.

Review IT concept design, solution design, applications, and documents to identify security risks.

Perform Technical Risk Assessment activities on major infrastructure changes and IT projects to ensure that mandatory controls are implemented. Coordinate with the SOC team to identify and escalate unauthorized changes to critical IT assets performed by IT.

Escalate violations for disciplinary action. Review project BRD documents to ensure that Information Security is a primary stakeholder in business projects, and that project implementation follows Bank Information Security & BC standards and is aligned with CBE regulations.

Requirements

  • 3-5 years in the field of information security. Experience of risk assessment methodology and approaches according to international standards, best practices, and frameworks. Knowledge of organizational processes and procedures.
  • Background and experience in cybersecurity and risk management.
  • Knowledge and experience of cybersecurity controls and best practices.
  • Ability to conduct risk assessments to identify gaps, recommend required controls and monitor treatment actions. Hands-on experience of governance, risk, and compliance tools.
  • Adequate knowledge of local and international information security standards, e.g. CBE regulation, ISO27001, PCI-DSS 3.2.1, NIST.
  • Experience in banking operations.
  • Preferred certifications: CRISC, CISSP, ISO27001 LA/LI.

Keywords

  • Security & GRC
