Information Security Manager, Egypt - Information Security, Risk Management
Egypt
Maintain an Information Security Management System (ISMS) across the organization to ensure the highest standards of information security are set up and maintained in the bank in accordance with internal policies and regulatory requirements.
- Maintain an Information Security Management System (ISMS) to protect the bank’s information assets in accordance with a determined risk profile.
- Assist/enable the business to comply with regulatory requirements on information security.
- Support the development, documentation and implementation of security policies and procedures for the organization.
- Monitor compliance with the organization’s security policies and procedures among employees, consultants and other third parties and refer problems to appropriate department managers or administrators.
- Perform and/or coordinate information security risk assessments to ensure the confidentiality, integrity and availability of information assets.
- Coordinate the review of the security architecture and mechanisms, and recommend security controls in line with internal policies and regulatory requirements.
- Report and coordinate responses to information security incidents and breaches in the organization and drive appropriate changes.
- Facilitate and foster activities to create information security awareness within the organization.
- Coordinate internal Information Systems and Security reviews to ensure compliance of existing systems with prescribed standards and policies (internal & external).
- Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidents that arise.
- Follow Bank-wide information security initiatives to address unique needs in protecting identity, mobile social media security and online reputation program.
- Align security practices/procedures to the well-known information security standards/guidelines such as ISO27001, PCI/DSS, NIST, etc.
- Sound knowledge of the IT environment, including infrastructure, systems, databases, processes, etc.
- 5+ years of relevant experience in all the security domains/areas, including governance, policy procedures, security incident response, security management, etc.
- Professional security certifications such as CISSP, CISA, CISM, CEH, SANS, Lead Auditor ISO27001, CRISC, etc. are desirable.
- Strong interpersonal, analytical and technical skills.
- Knowledge of the banking environment, including banking applications and processes, is a plus.