The primary role of this position is to support the CISO in developing, maturing and maintaining the organisations cybersecurity architecture; leading or assisting in the creation, implementation and management of cybersecurity solutions; implementing, monitoring, and maintaining cybersecurity operational processes; and producing reports for the assessment and functioning of security operations
This leading Middle East financial institution with an international footprint is embarking on some exciting and ambitious growth plans. Centred around developments in technology and digital, the focus is now to bring in the best talent to help facilitate and drive the growth and evolution of this great company.
Provide the CISO with an independent assessment of the adequacy, effectiveness and sustainability of security operationsEnsure the secure configuration and operation of security hardware and softwareEnsure that necessary changes to security policy documentation are incorporated as directed by the Head of DepartmentWork in partnership with other Information Security and IT staff to ensure key security controls are working as intended, recommending improvements where appropriateCollaborate with security organisation team members to assess and analyse security operations and suggests improvementMaintain and monitor network and host intrusion detection and prevention technologiesSupport forensic analysis and security incident management, analyses and identifies root causes, and develops after action plan reports for high-impact/high-profile incidents.Maintain the organisations Cybersecurity framework and the mapping to other security frameworks/ internal policies, and tracks all related action plansIdentifies risks to information resources through risk analysisWork with the business and IT to specify Cybersecurity controls and convey security control requirements to users and information custodians
Bachelor’s or Master’s degree in Information Technology/Information Systems/Computer sciences from an accredited 3-4 year programHolds an Information/cybersecurity related certification: CISSP – The Certified Information Systems Security Professional; CISM – Certified Information Security Manager; GIAC – Global Information Assurance Certification; or CEH – Certified Ethical Hacker.The Cybersecurity architect may hold vendor-oriented certifications such as those offered by Cisco, Microsoft, Enterasys, Symantec, Oracle, McAfee, etc.At least 15 years of experience, with a minimum of 7 years in the Information/Cyber Security field. The remainder with one or more of the following: networks and telecommunications, IT Audit, or IT Risk.Strong knowledge of the NIST CyberSecurity framework and the financial services’ Info & CyberSecurity requirements in the USA, UK and Singapore.Display strong knowledge of Networks, firewalls and perimeter security.Have held a team-lead position; preferably within the Information Security space.Strong knowledge of forensic investigations, incident management and ethical hacking.Strong portfolio and project management skills.Display good knowledge of the 10 recognised information security domains: Access Controls, Application Security, Cryptography, Risk Management, Compliance and Investigations, Operations Security, Physical Security, Security Architecture and Telecommunications.Display knowledge of IT processes: application development, change and release management, incident and problem management, software asset management, IT risk management, security management, data management.
In addition to joining an exciting organisation, this role will pay an attractive tax-free salary and additional benefits.