Senior Information Security Analyst
MTS -
Heliopolis, CairoPosted 2 years ago14People have clicked1 open position
Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices.
- Prepare Threat Models for Application security and recommend mitigations.
- Support administration of local and vendor managed security solutions for MTS environment.
- Analyze security threats, vulnerability assessments, and audit results to recommend security solutions that enable business objectives.
- Work with Application Engineering teams to ensure public access applications are designed and implemented with necessary security controls.
- Work with the Application Engineering teams to ensure Static Application Security Testing is performed as part of CI/CD. Provide guidance on remediation.
- Conduct Dynamic Application Security Testing. Review findings and engage Application Engineering teams for remediation.
- Provide security information assurance subject matter expertise support throughout the SDLC.
- Review and improve Access Management & Controls.
- Collaborate with other teams to support response efforts to security-related findings or concerns.
- Report on incident response metrics and provide assessment reports.
- Continuously improve the organization’s security stance and framework.
- Help to develop and maintain Security Best Practices manual/portal.
- Assist with the organization’s security awareness training program.
- Recommend and participate in the design and implementation of policies, procedures, standards, tools, and methodologies.
- Work with Security Operations Center to analyze and respond to alerts from automated logging, monitoring tools. Review and update the incident response and disaster recovery plans as needed
- Maintain up-to-date knowledge of the Information security industry, including awareness of new or revised security solutions and improved security processes.
- Keep a keen watch for new vulnerabilities and exploits and execute documented incident response procedures to deal with them.
Job Requirements
Experience & Skills
- 5-7 years of experience working in IT, and
- 5-7 years of experience in Information Security.
- Familiar with OWASP Top 10.
- Familiar with Threat Modeling tools/process.
- Familiar with SAST and DAST tools/process.
- Familiar with Identity and Access Management, IGA, PAM.
- Familiar with DevSecOps, CI/CD.
- Familiar with security best practices of IT networks.
- Familiar with security best practices of public or private clouds.
- Familiar with NIST SP 800-53, CSF.
- Experience managing security service providers to complete regular duties.
- Experience leading other team members.
Minimum Qualifications
Any combination of education and experience that would likely provide the required knowledge, skills, and abilities as well as possession of any required licenses or certifications is qualifying
- Strong knowledge of industry standards and best practices for Information Security
- Ability to set and manage priorities judiciously
- Excellent written and oral communication skills
- High Emotional Intelligence (interpersonal skills)
Education
- B.S. degree in Computer Science or related technical discipline or any other college discipline with additional 2 years of Information Security experience and CISSP certification.
Certifications
- Certifications such as CISSP, GCIH, OSCP, ISO 27001 LA are highly desirable.
Featured Jobs
Similar Jobs
- Network Engineer/ Network Tech...Smart Villages Development & Managment Company - Abu Rawash, Giza6 days ago