InfoSec Risk Consultant

New Cairo, Egypt

MigrationIT

MigrationIT connects employers with IT professionals who are equipped to fulfill an employer’s distinct IT needs. The agency provides IT talents for several industries, including healthcare, banking, insurance, software development, retail,...

View all jobs at MigrationIT

Apply now Apply later

  • Develop and update annual Information Security RCSA review for Information Security function in FAB Egypt.
  • Perform annual information security review for the IT infrastructure and applications,
  • Maintain technology risk registers on archer and ensure identified risks are remediated according to security guidelines.
  • Acting as second eye and checker to for IT-RCSA reports to support other functions.   
  • Coordinate with third party assessors to maintain Risk Assessment reports to support bank accreditation (PCI-DSS, ISO 27K, ISO 22301K, etc.) and Attestation.
  • Coordinate with IT for Risk control self-assessment of IT service catalogue services including Define, monitor and measure KPI’s, and KRI’s
  • Coordinate with Internal, external, and regulatory auditors for security risk management domain.
  • Review IT concept design, solution design, applications, and documents to identify security risks.
  • Perform Technical Risk Assessment activities on major infrastructure changes/ IT Projects to ensure that mandatory controls are implemented.
  • Coordinate with SOC team to identify and escalate unauthorized changes to critical IT assets performed by IT. Escalate violations to disciplinary actions.
  • Review projects BRD document ensuring that Information Security is primary stakeholder in business project, and that project implementation shall follow Bank Information Security & BC standards and aligned with CBE regulations.


Requirements

  • University degree and minimum experience of 4-9 years in the fields of information security
  • Experience of risk assessment methodology and approaches according to international standards, best practices, and frameworks.
  • Knowledge of organizational processes and procedure.
  • Background and experience in Cybersecurity and risk management.
  • Knowledge and experience of Cybersecurity controls and best practices.
  • Ability of conduct risk assesses to identify gaps, recommend required control and monitor treatment actions.
  • Hand-on experience of Governance, Risk, and compliance tools.
  • Very Good command of English language.
  • Adequate knowledge in local and international Information security standards eg CBE regulation, ISO27001, PCI-DSS 3.2.1, NIST.
  • Good analytical skills.
  • Project management skills.
  • Experience in banking operations.
  • Preferred certifications ,CRISC ,CISSP ,ISO27001LA/LI.

 



Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  3  2  0

Tags: Banking CISSP Compliance CRISC Governance ISO 27000 ISO 27001 IT infrastructure KPIs NIST Risk assessment Risk Assessment Report Risk management SOC

Region: Middle East
Country: Egypt

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.