Governance Risk & Compliance (GRC Banking)
Pillars -
Cairo, EgyptPosted 2 years ago13Applicants for1 open position
- 9Viewed
- 5In Consideration
- 0Not Selected
Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
- Plan and conduct security authorization reviews and assurance case development for new and existing installation of systems and networks to confirm that risk is within acceptable limits.
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
- Verify and update security documentation reflecting the application/system security design features.
- Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
- Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
- Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals.
- Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
- Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
- Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
- Conduct interactive training exercises to create an effective learning environment
- Develop new or enhance existing awareness and training materials that are appropriate for intended audiences.
Job Requirements
- At least 2 years of experience working in the same field as well as IT experience
- Holds Bachelor's degree in engineering, computer science, cyber security or any related field
- Preferably have one of the following certifications CCNA security, Comp TIA Security +, CISA, ISA27001
- cyber security and privacy principles
- Database systems
- Data backup and recovery
- RMF requirements
- Network access , identity and access managment (PKI, Oauth, OpenID, SAML, SPML)
- System and application security threats and vulnerabilities (e.g., buffer overflow,)
- Computer networking concepts and protocols, and network security methodologies.