Job Description

Qualification:

Bachelor's degree in computer science, Information Security, or related field. Professional certifications on any of the below are highly valued. ISO 27001 Lead Implementer or Auditor CISA (Certified Information Security Manager) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional)

Exp : 3-5 Years in in information security or cybersecurity roles.

Arabic and English speaking - Male

Job Summary

A technical security person with technical expertise and soft skills, including a deep understanding of security frameworks and technologies, risk management, and the ability to communicate complex technical information to non-technical stakeholders. They must also be proficient in areas like network architecture, cloud security, oversee security policies, manage risks and compliance by playing a critical role in protecting our digital assets.

Key Responsibilities

Ability to translate security frameworks like ISR, NIST, ISO 27001, ISR into actionable technical policies and controls. Conduct risk assessments on a regular basis to identify vulnerabilities, and quantify the potential impact of threats on entities people, process and technologies and define mitigation strategies Perform risk analysis on any change or any new implementation by identifying threats, vulnerabilities, likelihood of occurrences and impacts for applications and systems Review current entity system baseline security measures and recommend controls Review network architecture, firewalls, security architecture, cloud security controls and services of cloud environment to check their security measures. Conduct compliance checks on entity applications/ systems and prepare gap analysis report identifying findings and recommend mitigations to support implementation of ISMS standards with entity strategies and regulations Review and ensure proper encryption techniques are used to protect sensitive data at rest and in transit. Evaluate and recommend encryption technologies and solutions to enhance data security. Coordinate with business teams to ensure the security signoff process to enforce security best practices across both cloud and on -premises Prepare reports to senior management highlighting the effectiveness of security controls on entity systems and infrastructure.

Skills

Strong knowledge of cybersecurity frameworks (NIST, ISO27001, ISR) Experience with security tools and technologies (e.g., GRC, PAM, DLP tools etc.) Excellent Analytical and problem-solving skills

Adaptability and continuous learning