Officer - Cyber Security

About ZainCash:

ZainCash Iraq is a leading mobile wallet in Iraq and recognized as Forbes top Fintech company of 2023 and 2024 as well as GSMA’s Best Mobile Innovation Supporting Humanitarian Situations. The company offers a range of consumer and business services including local and international money transfer, bill payments, companion payment cards, payroll, aid disbursement, and more. For more information, please visit www.zaincash.iq.

Job summary:

We are seeking a skilled officer - Cyber security with a strong background in Cyber security and a deep understanding of vulnerability, responsible for designing, implementing, and managing Zain Cash’s cybersecurity framework to ensure the security of IT infrastructure, systems, and sensitive data. This role involves proactive threat management, regulatory compliance, and collaboration with internal and external stakeholders to protect the organization from cyber risks and ensure business continuity.

 Key Responsibilities:

• Monitor and analyze real-time alerts and logs using security tools (e.g., SIEM, IDS/IPS).
• Perform regular vulnerability assessments and penetration tests to identify risks.
• Oversee and maintain endpoint security solutions, firewalls, and anti-malware systems.
• Develop and maintain an incident response plan.
• Investigate security incidents, perform root cause analysis, and recommend remediation.
• Coordinate with IT and external vendors during security breach investigations.
• Ensure compliance with cybersecurity regulations and standards, including PCI DSS, ISO 27001, and CBI requirements.
• Develop and update cybersecurity policies, procedures, and documentation.
• Conduct third-party risk assessments and security evaluations.
• Lead employee training sessions on cybersecurity best practices and phishing prevention.
• Work closely with the IT department to embed security into systems and applications.
• Provide expertise for secure system design and assist with implementing the least privileged principle.
• Liaise with auditors and regulatory bodies for security assessments and reviews.
• Stay updated on emerging cyber threats, technologies, and industry trends.
• Propose and implement enhancements to the cybersecurity infrastructure.
• Conduct post-incident reviews and recommend improvements.

Requirements

• Bachelor’s degree in information security, Computer Science, or a related field.
• 1-2 years of experience in information security, with a focus on application security and vulnerability management.
• Strong knowledge of OWASP Top 10 and other relevant security frameworks and best practices.
• Experience with vulnerability scanning tools and penetration testing methodologies.
• Understanding of secure coding practices and common software vulnerabilities.
• Experience analyzing and interpreting penetration testing and vulnerability assessment reports.
• Security certifications such as CEH, Security+ or EJPT are a plus.
• Strong communication skills with the ability to explain complex security issues to a variety of audiences.