Egyptian Banks Company
Sr. Specialist, Information Security (Risk)
Job type: Full-time
Found on Mokaru, 2 weeks ago
Job description
- Reviews security requirements and assesses the security posture of current EBC systems and new projects to identify gaps or improvements based on risk assessments, threat modeling, and technical testing.
- Participates in design and initial implementation of new technical scrutiny controls.
- Handles risk management review, monitoring, and reporting until it is within EBC's risk appetite.
- Reviews and examines system compliance against current security standards and PCI DSS, PCI PIN Security, 3DS, TSP, ISO27001, etc.
- Audits different systems and all technical department operations against security standards and internal policies.
- Analyzes new application architecture against security standards and best practices and provides security sign-off before live deployment.
- Assesses the controls of the different cloud platforms used.
- Performs third-party risk management activities according to the EBC process.
- Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
- Inspects for vulnerabilities and risks in hardware and software.
- Finds out the best way to secure the IT infrastructure of an organization.
- Reviews contracts from an information security perspective.
- Handles audit requests, whether internal or external.
- Carries out other tasks related to compliance activities as requested by management.
- Bachelor’s Degree in Engineering, Computer Science, Information Security, or a related field.
- 4 years of experience in Information Security, Cybersecurity, Risk Management, or related domains.
- Experience in information security design and implementation best practices.
- Participate in the design, implementation, and continuous improvement of information security controls and frameworks.
- Conduct security risk assessments and provide recommendations for risk mitigation.
- Support secure software development lifecycle (SSDLC) initiatives and security-by-design practices.
- Ensure compliance with cybersecurity standards, regulatory requirements, and industry best practices.
- Review and assess security controls against frameworks such as PCI DSS, PCI PIN Security, PCI 3DS, PCI TSP, ISO 27001, and the Central Bank of Egypt (CBE) Cybersecurity Framework.
- Collaborate with technical operations teams and business support teams to identify and resolve security risks.
- Coordinate with external vendors, banks, and third-party stakeholders on security-related matters.
- Prepare security reports, documentation, and presentations for management and audit purposes.
- Support security awareness, governance, and compliance activities across the organization.


