Gerges Anwar Rizk

Corporate Information Security & IT GRC EngineerFull Time

• Job Details:- design & document our governance documents (policies, processes, procedures, etc) based on the international standards and local regulations such as NIST, PCI-DSS, ISO27K, etc. - Assure that the approved cyber security policies, processes and base lines are well communicated and understood to all concerned teams. - assess and design mitigation plans for our information technology and security risks. - ensure compliance with information technology and security industry standards such as ISO27001, ISO22001, ISO22301, PCI-DSS, SWIFT, FRA Cyber Security Framework, etc. - Securing the sensitive data and critical assets according to the international security standards and best practices. - assess Information Security Awareness for both employees and customers - Conducting regular system audits to ensure that security controls are applied and effective - assess IT Business Continuity and Disaster Recover planning, testing and improvement.

Corporate Information Security EngineerFull Time

• Job Details:- Develop, Review and update cybersecurity policies based on the international standards and local regulations such as NIST, PCI-DSS, ISO27K, etc. - Define and update systems security baselines following the standards. - Assure that the approved cyber security policies, processes and base lines are well communicated and understood to all concerned teams. - Providing security consultation, assessing changes in security systems including IT and Telecom domains ensuring compliance with security controls. - Identify, assess security risks and update risk registry. - Securing the sensitive data and critical assets according to the international security standards and best practices. - Conducting regular system audits to ensure that security controls are applied and effective

Information Security EngineerFull Time

• Job Details:Active participant in 24x7 operations of the SOC. This includes proactively monitoring and providing near-real-time cyber security status and reports to enable timely decision-making for 24/7 operations. Monitoring SIEM resources for any component failure. Perform initial triage/investigation of alerts to identify false positives, policy violations, intrusion attempts and compromises. Escalating triaged alerts to Tier II Analysts for deeper analysis and review. Contribute in Incident report writing.