Information Security GRC Team Leader

Full Time

Masria Digital Payment (MDP) -
New Cairo, CairoPosted 1 year ago

16Applicants for1 open position

2Viewed

0In Consideration
0Not Selected

Search other opportunities

Job Details

Experience Needed:

Career Level:

Education Level:

Salary:

Job Categories:

Skills And Tools:

Job Description

Delivery of Security GRC management and processes that get with Security Strategy.
Creation, implementation, and monitoring of information security polices, processes, exceptions, and change management requests assessment to automate and continuously monitor information security controls, risks, testing and incidents.
Develop and maintain a risk register and risk management framework.
Performing end to end IT solutioning/workflow risk assessment to identify potential risks and propose mitigation solutions.
Schedules regular assessments and testing of effectiveness and efficiency of controls and creates security metrics, dashboard.
Ensuring that requirements in PCI Standards, IT Audit, Security Standards, Policy, Compliance and Risk controls are met.
Updates security controls and provides support to all stakeholders on security controls covering internal assessments, laws and regulations.
Responsible for managing Third Party Risk management (review of NDA, SLA, SOC type II reports).
Performs and investigates internal and external information security risk and exceptions assessments.
Coordinate with Infrastructure and business systems Teams to implement identified controls, policies, and procedures.
Develop information security awareness materials to be sent to all corporate employees
Remains current on best practices and technological advancements and acts as the corporate’s technical resource for security assessment and regulatory compliance.
Performs other related duties as assigned.
Manage the ISMS and security standards (PCI DSS…) scope as well as strategic expansion across the globe.
Support the management of information security governance for the organization, ensuring adherence to policies and standards.
Work closely with the CISO to ensure key information security risks and issues are identified, addressed and resolved in a timely manner.
Coordinate periodic security assessment and prioritize and manage response activities.
Work closely with the Information Security Operations team; assist the CISO in providing oversight and challenge to the Fist Line of Defense team.
Assist with updating the Third-Party Risk Management framework including policy, procedures, due diligence questionnaires and the monitoring of third parties’ adherence to information security and data privacy obligations.
Assist with the client management aspects of the Information Security team, including client and potential client questionnaires; help design a more effective process including a self-service process and a library of standard responses.
Develop relevant metrics, analyze data, identify trends and help drive improvements to the control environment.
Assist the CISO in GRC and general information security issues as required, including interaction with the Security Operations team, Technology teams and business leaders.

Technical Skills:

Experience of leading an ISMS as part of an ISO27001 certified program.
Experience of leading PCI compliance and certification program.
Recent experience of working in a similar capacity in a financial services organization.
Excellent interpersonal skills, comfortable working at all levels within an organization and in a wide variety of situations.
Relevant industry certification (e.g. ISO 27001 Lead Auditor, CISSP, CISM, etc.) highly desirable.
Broad level of knowledge of security and risk issues and techniques across platforms.
Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively.
Ability to understand and assess technology systems and applications from both a technical and business function perspective.
Ability to communicate business and technical risk to all levels of audience.
Ability to present security topics to a non-technical audience.
A good understanding of IT networking and access management concepts.
Knowledge of Information Security Risk management processes & assessment (ISO27005, NIST).
Strong demonstrated knowledge of Business Continuity Plan and Disaster Recovery Plan.

Job Requirements

Bachelor’s degree in Engineering, computer science or equivalent
Required 5 plus years of relevant experience
Security or relevant IT certification is a plus
Experience of implementation security policies and procedures within multination organization is MUST.
Familiarity with Third Party Risk Management, External and internal Audit.
good communication skills

Featured Jobs

Senior System AdministratorTopLine - Cairo, Egypt11 days ago
Senior .NET Developer - Nasr City, Cairo4 days ago
Senior Java Developer - Sheraton, Cairo8 days ago
Senior Technical Product Manag... - Zamalek, Cairo8 days ago
Senior CRM Engineer - Sheikh Zayed, Giza4 days ago
Senior Full Stack Developer - Cairo, Egypt19 days ago
Senior Odoo Developer - Haram, Giza24 days ago
Senior Odoo Developer - Maadi, Cairo25 days ago
Senior .NET Developer - Maadi, Cairo29 days ago
Senior Product Designer - Maadi, Cairo5 days ago

Similar Jobs

Network Security EngineerQsource - New Cairo, Cairo5 days ago
Senior Software Testerintrazero - Nasr City, Cairo2 days ago
DevOps Pre Sales EngineerEjada - Heliopolis, Cairo3 days ago
Senior IT System AdministratorDelta Capital for Urban Development - Dokki, Giza9 days ago
Security EngineerRashideen Egypt for Trade - Katameya, Cairo10 days ago
Cyber Security EngineerEgypt University of Informatics (EUI) - New Capital, Cairo11 days ago
Cybersecurity presales special...Prosoft Information Systems - Smart Village, Giza3 days ago
Security and Safety EngineerTalaat Moustafa Group - Madinaty, Cairo18 days ago
Oracle Database AdministratorNational Technology - Nasr City, Cairo4 days ago

Search other opportunities

Jobs Banking Information Security GRC Team Leader