الوصف الوظيفي
About ZainCash: ZainCash Iraq is a leading mobile wallet in Iraq and recognized as Forbes top Fintech company of 2023 and 2024 as well as GSMA’s Best Mobile Innovation Supporting Humanitarian Situations. The company offers a range of consumer and business services including local and international money transfer, bill payments, companion payment cards, payroll, aid disbursement, and more. For more information, please visit www.zaincash.iq.Job summary:We are seeking a skilled officer - Cyber security with a strong background in Cyber security and a deep understanding of vulnerability, responsible for designing, implementing, and managing Zain Cash’s cybersecurity framework to ensure the security of IT infrastructure, systems, and sensitive data. This role involves proactive threat management, regulatory compliance, and collaboration with internal and external stakeholders to protect the organization from cyber risks and ensure business continuity. Key Responsibilities: Monitor and analyze real-time alerts and logs using security tools (e.g., SIEM, IDS/IPS). Perform regular vulnerability assessments and penetration tests to identify risks. Oversee and maintain endpoint security solutions, firewalls, and anti-malware systems. Develop and maintain an incident response plan. Investigate security incidents, perform root cause analysis, and recommend remediation. Coordinate with IT and external vendors during security breach investigations. Ensure compliance with cybersecurity regulations and standards, including PCI DSS, ISO 27001, and CBI requirements. Develop and update cybersecurity policies, procedures, and documentation. Conduct third-party risk assessments and security evaluations. Lead employee training sessions on cybersecurity best practices and phishing prevention. Work closely with the IT department to embed security into systems and applications. Provide expertise for secure system design and assist with implementing the least privileged principle. Liaise with auditors and regulatory bodies for security assessments and reviews. Stay updated on emerging cyber threats, technologies, and industry trends. Propose and implement enhancements to the cybersecurity infrastructure. Conduct post-incident reviews and recommend improvements.
