| JOB NAME |
Assistant Manager, Information Security, Governance and Risk Management –Information Technology [Cairo, Egypt]
POSTED BY: African Export and Import Bank AFREXIMBANK Egypt
REF:AFREXIM 2003
Date Published:Wednesday, July 10, 2024
Date of Expiration:Monday, January 6, 2025
RECOMMEND THIS JOB ON FACEBOOK
|
|
|
| LOCATION OF THIS JOB |
 Egypt | CAIRO in Egypt |
| INDUSTRY |
| DEVELOPMENT FINANCE INSTITUTIONS
|
| JOB TYPE |
| Full-Time |
| MAIN JOB DESCRIPTION |
Working time Full-time
Location Cairo, Egypt
Deadline 07/21/2024
Reference LJBLR-ISGRM -0014
NATURE & SCOPE
1. The objective of the function is to play a critical role in supporting the development, implementation, and maintenance of information security policies, procedures, and practices to protect Bank’s sensitive information and assets.
2. He will collaborate with various teams to assess risks, identify vulnerabilities, and implement effective security measures to mitigate threats.
SPECIFICALLY, THE FUNCTION aims to:
1. Assist the Bank in Information security governance and risk management activities.
2. Assist the bank in attaining information security objectives through development of policies, guidelines & procedures.
3. Ensure security policies and procedures are being implemented and maintained.
4. Assist in regular internal and external audits exercise.
5. Support the day-to-day operations of IT Security and Risk Management
DUTIES AND RESPONSIBILITIES:
The core tasks, duties, and responsibilities are listed below:
1. Policy and Procedure Development: Collaborate with senior management and stakeholders to develop and update information security policies, procedures, and guidelines in accordance with industry standards and regulatory requirements.
2. Risk Assessment and Management: Conduct risk assessments to identify potential threats and vulnerabilities to the Bank’s information systems and assets. Develop risk mitigation strategies and ensure their implementation across the organization.
3. Security Awareness Training: Develop and deliver security awareness training programs to educate employees about information security best practices, policies, and procedures. Foster a culture of security awareness and compliance throughout the Bank.
4. Incident Response and Management: Assist in developing and maintaining an incident response plan. Respond to security incidents promptly, investigate root causes, and implement corrective actions to prevent recurrence.
5. Security Monitoring and Analysis: Monitor security systems and tools for suspicious activity, analyze security logs and reports, and investigate anomalies. Take proactive measures to detect and prevent security breaches.
6. Compliance and Audit Support: Assist in ensuring compliance with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, ISO 27001). Support internal and external audits and regulatory inspections.
7. Third Party and Vendor Risk Management: Assess the security posture of third party vendors and service providers. Review contracts and agreements to ensure compliance with security requirements and standards.
8. Security Incident Reporting: Prepare and present regular reports on information security incidents, trends, and metrics to senior management and stakeholders.
9. Provide recommendations for improving the organization’s security posture.
10. Perform continuous security assessment of the bank’s information systems security architecture.
11. Perform continuous risk and control security assessment.
12. Conduct regular logical access review and assessment.
13. Stay abreast of emerging cloud technologies and proactively assess and evaluate the adoption thereof.
14. Responsible for the thorough documentations of implementations, via technical documentation and runbooks
15. Stay abreast of emerging security threats, vulnerabilities and controls and proactively provide recommendations and remediations.
|
| REQUIREMENTS FOR THIS JOB |
SKILLS, KNOWLEDGE, AND ATTITUDE
1. Strong understanding of information security principles, standards, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework).
2. Experience conducting risk assessments, vulnerability assessments, and penetration testing.
3. Excellent analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions.
4. Experience with Linux, Windows operating systems and cloud provider ecosystems such as Amazon AWS and AZURE is a must.
5. Practical knowledge of AWS foundation services related to compute, network, storage, content delivery, administration, security, deployment, and automation technologies.
6. Experience in architecting, designing, and programming applications and ample experience in high level programming languages such as C++, C#, Java, Python, Visual Basic
7. Good understanding of security assessment framework such as CIS benchmark and NIST
8. Experience with security tools and technologies (e.g., SIEM, IDS/IPS, DLP, endpoint protection).
9. Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate security concepts to non-technical stakeholders.
10. Ability to work independently and prioritize tasks in a fast-paced environment.
11. Excellent verbal and written communication skills in English.
12. Willingness to travel and to work long hours where required to achieve the Bank’s objectives.
QUALIFICATION AND EXPERIENCE
1. Bachelor’s degree in computer science, Information Technology, Computer Engineering, Engineering, Management Information Systems or Computer Engineering or other relevant degree from a recognized University, a
2. Master’s degree in a relevant field or a recognized professional qualification in lieu;
3. Relevant security certifications such as ISC2 CISSP, CISA, CISM, SANS, OSCP, CEH, equivalent security-related industry certifications
4. Minimum of 5 years of proven experience in information security, risk management, or related roles
BENEFITS AND CONTRACTUAL INFORMATION:
1. Permanent
2. Willing and able to relocate to Cairo, Egypt
3. Suitably qualified candidates are encouraged to apply.
If you wish to apply for the position, please send your CV to Lara Joubert at ljoubert@caglobalint.com
|
|
English 
FRENCH
