Job Description - Information Systems Security Analyst/Senior Analyst (240001ZH)
Job Description
Information Systems Security Analyst/Senior Analyst - ( 240001ZH )
Description
1. Design, Implement & maintain Cloud Security Measures for public/private Cloud Infrastructure Platforms. This includes Securing Virtual Machines, storage Systems, Networks or Cloud Resources.
2. Develop and maintain security baselines for all information systems and ensure regular maintenance and update of all baselines inventory bank wide.
3. Perform regular baseline scans or reviews as applicable to ensure compliance with the developed security baselines and follow up on mitigating the identified gaps/findings
4. Support the implementation of the different security projects and initiatives through defining the necessary security requirements in full alignment with the security policies and industry requirements.
5. Contribute to the design and implementation of security controls & technologies including but not limited to firewalls, intrusion detection/prevention systems, access controls and cryptographic mechanisms to strengthen the bank security posture
6. Conduct comprehensive reviews for security controls & configurations in alignment with Banks’ policy, compliance & regulation mandates and industry best practices
7. Effectively participate in the change and release management process to ensure adequate security controls are applied before go-live
8. Review and approve access control requests over different technology platforms/ and network security infrastructure to ensure adequate application of the approved security policies (e.g., Firewall rules change review).
9. Participate in the new server provisioning process to ensure conducting the needed security checks and ensure closure of any identified gaps before production deployment.
10. Ensure proper management and enforcement of privileged accounts over different technology layers (Operating System, Database, Application) including account designation, and implementation of privileged access control requirements.
11. Review and approve privileged access related requests including but not limited to (generic accounts creation, PAM access, access to existing accounts, etc.).
12. Assess and provide recommendations for IT & Cyber security policy deviation requests and ensure proper tracking of the same.
Qualifications
Qualifications & Experience
Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is preferred.
3-5 (5-8 for the senior) years of proven experience in security domains
Strong knowledge of Operating Systems Principals, secure design principles, and common security vulnerabilities
Has strong technical experience and knowledge of several cyber security technologies including firewalls, IDS/IPS, DLP, End Point Security, Data Encryption, Database Security, Web/Email Filtering vulnerability scanners, code analysis tools, etc.
Knowledge of industry regulations and standards such as CIS benchmark, ISO 27001, NIST, OWASP, etc.
Experience conducting security assessments, vulnerability testing, and risk assessments.
Mandatory Certification:
CISSP
CCSP or CCSE
Technical Certification ex. Cisco, Palo Alto, F5, etc.
Recommended Certification:
CISM
CSSLP
CEH
Security+
GIAC Certificates
Skills
Strong communication and presentation skills
Strong problem-solving and analytical skills
Proficient verbal and written English
Time Management skills
Primary Location
: Egypt-Giza-SMART VILLAGE BLDG. 3
Job
: Back Office
Organization
: COO
Shift
: Day Job Job Type : Full-time Employee
Refer a friend for this job
Tell us about a friend who might be interested in this job. All privacy rights will be protected.
