- Offerd Salary Negotiable
- Experience 4 Years
- Gender Both
- INDUSTRY Banking
- Qualification Bachelor Degree
Job Description
- Build and maintain strong and effective relationship with all other related departments and units to achieve the Group’s goals/ objectives.
- Providing Information technology security risk advisory services, to various business initiatives, working with business sponsors, project staff, vendor partners, to deploy the most effective integrated technical solutions.
- Engineer solutions and undertake advisory services to drive compliance against QNB policies, regulatory requirements and industry best practices such as ISO 27001, PCI DSS, ITIL, SABSA and COBIT.
- Support the security incident response process as a subject matter expert and lead forensic analysis exercises.
- Manage post-event reviews to identify root causes and highlight corrective actions.
- Respond to information security issues during each stage of a project’s lifecycle
- Mitigate risks by creating project plans for specific implementations, configuration changes, software installations, or ‘hot fixes’ identifying resources needed from the Information Technology department. Also, work with the Head of IT Security to coordinate and schedule actions.
- Coordinate with other departments to solve IT security issues
- Research and propose information security products and services to protect and enhance the Group’s defences form cyberattacks both at the infrastructure and application.
- Recommend network, software and technology modifications.
- Establish baseline standards for infrastructure systems.
- Design and Develop Key Risk Indicators (KRIs) to evaluate QNB’s risk exposure from IT Security risks.
- Bachelor/ Masters Degree in computer science, computer engineering or related subjects.
- Professional certification such as CISSP, CISM, CISA is mandatory
- Solid knowledge of industry best practices such as ISO 27001, PCI DSS, ITIL, SABSA and COBIT.
- Knowledge and certifications in network / application / System Security is considered a plus
- Minimum of 6 years’ experience in a major bank or large corporate in an information security engineering capacity.
- Deep understanding of infrastructure and application security controls.
- Ability to communicate information security-related concepts to a broad spectrum of technical and non-technical staff.
- Risk Management skills (risk identification, risk assessment, risk mitigation)
- Maintain an understanding of all pertinent regulations as well as best practices pertaining to information security.
- Excellent oral and written communication skills in English
1. Resume / CV