Cyber Security Management Head
On-site Cairo, Cairo Governorate, Egypt 0036
Description
1. Manage the cyber security management resources and ensure proper segregation of functions and capacity management to support different business and technology initiatives/requirements.
2. Lead The information security analysis function to ensure adequate definition and implementation of security controls requirements within the secure software development and acquisition lifecycle processes
3. Lead the information systems security management function to ensure defining and deploying the required security baselines/configurations and controls across all technology layers (infrastructure, network, platforms,etc)
4. Lead and manage offensive security exercises and ensure proper implementation of the different offensive security models and testing (such as: Red teaming, purple teaming, etc)
5. Collaborate and work closely with the SOC team to ensure adequate implementation of controls and addressing gaps resulting from adversary simulation exercise, and other offensive security testing.
6. Establish the agile security framework that ensures adequate integration of security within the DevOps processes applied within any agile development lifecycle within the organization to ensure DevSecOps concepts are in place and fully integrated within the respective processes and frameworks
7. Work closely with information security team to review and validate outcomes and outstanding issues resulting from penetration tests, etc to ensure that cross collaboration within different security teams is in place to tune controls as needed to protect against identified issues/threats.
8. Provide guidance and support on secure coding practices, secure design principles, and security risk mitigation.
9. Ensure proper implementation of the bank’s security policies, standards, and procedures to ensure compliance with industry regulations and standards, and the confidentiality, integrity, and availability of an organization's information systems and data
10. Evaluate and recommend security tools and technologies within the CI/CD pipeline
11. Collaborating with both development and operations teams to create a seamless flow of work and maintain an agile workflow.
12. Oversee the static and dynamic code scanning process throughout SSDLC and SSALC processes.
13. Provide support to SOC Incident Response team when needed, and guidance and recommendations to IT and Security teams on improving security measures.
14. Participate in the development of the Security Operations Center strategy in line and Group strategy to ensure vertical and horizontal integration with other interfacing initiatives and departments across the bank
15. Participate in the development of the Security Operations Center policies, processes and procedures to ensure the fulfilment of all relevant procedural/legislative requirements.
16. Manage the day-to-day operations of Cyber Security Management providing guidance, encouraging teamwork and facilitating related professional work processes in order to achieve high performance standards.
17. Liaise with internal and external parties at the appropriate levels to ensure smooth flow of interactions.
18. Contribute to the preparation of the Security & Resilience Management budget, and monitor the financial performance of a given area of activity versus set budget to ensure alignment
19. Manage the effective achievement of Cyber Security management objectives by setting individual targets, developing and motivating staff, providing of formal and informal feedback and appraisal in order to maximize subordinate and department performance
Requirements
§ Bachelor’s degree of Engineering, Computer Science or equivalent.
§ Minimum 10 - 12 years of working experience in IT Security and / or any related fields
§ Good knowledge of IT security standards such as ISO 27001, PCI DSS and NIST standards.
§ Strong understanding of Firewall/NIDS/DLP.
§ Vulnerability Security scanning e.g., Nessus.
§ VMWare VSphere and associated technologies.
§ LAN & WAN networking using routers, switches and infrastructure products.
§ Identity and access management systems.
§ Authentication Technologies
§ Understand intruder’s techniques
§ Recommended Certifications:
o CISSP
o GCIH
o CISM
o CEH
Skills
§ Excellent command of English and Arabic languages
§ Strong Communication and Presentation skills
Strong Leadership skills
