Develop, implement and maintain MCV's security governance, risk management, and compliance program. This role will ensure that MCV adheres to ISO 27001:2022, applicable laws and regulatory requirements.
Job Duties and Responsibilities:
Develop and maintain information security management systems & engineering governance policies, procedures and standards in alignment with regulatory requirements, ISO 27001, and industry best practices
Develop, implement and maintain security policies, standards, procedures and guidelines, and define KPIs & KRIs
Stay updated on compliance requirements and relevant laws, regulations and industry standards related to IT/OT security
Identify, assess and prioritize information security risks across MCV
Develop and implement a risk management framework, guide different stakeholders, and develop a risk register for monitoring and reporting on the status of risks & control effectiveness
Conduct regular technical risk assessments and identify potential threats & vulnerabilities across MCV
Develop and deliver security governance, risk and compliance training program
Promote security awareness and compliance culture throughout MCV
Be familiar with SDLC & SSDLC and SecDevOps, help project managers develop cybersecurity risk registers for ongoing projects, and conduct periodic reviews aligned with mitigation controls
Collaborate with internal & external stakeholders and provide technical guidance and support to management, IT and Engineering staff on ISMS, information security and GRC related matters
Maintain accurate technical records and documentation, and prepare and share regular quarterly reports on the ISMS program & MCV security posture
Job Skills and Abilities:
Knowledge:
- Knowledge of relevant laws and regulations such as GDPR, EGDPL, PCI-DSS
- Strong technical knowledge of IT / IS governance frameworks
Skills:
- Excellent communication and interpersonal skills
- Strong analytical and problem-solving skills with attention to detail
- Negotiation techniques
- Conflict management & resolution
Abilities:
- Ability to multitask and to manage multiple technical projects and priorities in a very dynamic environment
Qualifications:
BSc in Engineering, Bachelor of Computer Science
Professional certifications such as CISSP, CISM, CRISC, ISO 27001 lead implementer, ISO 27001 auditor
6-8 years of experience