U3F1ZWV6ZTE5NzQyNzU0MDg5MDNfRnJlZTEyNDU1NDM2NDQ5NzU=

Information Security Engineer | Zain jobs

Information Security Engineer | Zain jobs

Information Security Engineer | Zain jobs
Information Security Engineer | Zain jobs



875BR
Khartoum
Zain SD


Job Description


Department/Section:. Enterprise Risk Management Dept
Job Title: Information Security Engineer
Reports to: Information security Manager

Job Purpose:

Be responsible for Information security within the Organization. Managing the implementation, monitoring and support of Information Security Policies and procedures. Conduct periodic risk assessment and audits, report incident and review change management. Propose information security initiatives to enhance the company security posture in all its activities the GSM NW, IT or the Digital Services and cloud infra structure.

Key Tasks/Accountabilities:
Responsible for protecting the confidentiality, integrity and availability of ZAIN SD information assets. Securing all information system resources from accidental or unauthorized modification, destruction or disclosure.
Ensure compliance of process with all applicable laws, security best practices and ZAIN SD policies related to information security.
Conduct risk assessment; propose mitigation and remediation strategies with cost-benefit analyses, and alternatives. Conduct audits, penetration testing , system health checks reviews and vulnerability scans. Use a combination of automated tools, manual methods, and interviewing techniques to gather the information necessary to report on security risks. Author written reports summarizing findings and recommendations.
Recommend, Evaluate, implement and support security solutions such as Zain encryption system and Zain events and log management systems .
Participate in the incident response team in a hands-on, technical role. Identify the root cause of security incidents. Recommend and implement solutions for limiting the scope of the incident. Eradicate any signs of intrusion. Work with Risk management team to recommend and implement additional controls to prevent future incidents.
Conduct security reviews on Information security projects. Attend meetings and review documentation as needed in order to identify security requirements for new and ongoing Information security projects. Design security solutions for new systems and applications.
Monitor the announcements of new security vulnerabilities. Identify vulnerabilities that are applicable to ZAIN SD systems and applications, determine their severity and urgency, work with system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective. Help organization staff identify and correct poorly implemented security controls.



Maintaining and updating security policy documentation as and when required.
Provide security training to audiences from management to staff as appropriate
Manage relationships and agreements with contractors, suppliers and partners
Ensure self-development in information security best practices, methodologies, technologies and products to provide accurate input into the corporate business systems decision making process.
Develop contingency plans and ensure they are put into place and regularly reviewed/updated to mitigate risks/issues as the Zain SD customer base grows and the business expands

Typical Performance Measures:

Effectiveness of Information Security strategy
Effectiveness of Implementation, Management and Support of Information Security Initiatives
Effectiveness of Information Security “First Point of Contact”
Consistency and Quality of planning activities
Effectiveness of issue resolution/decision making/change control and risk management
Quality of relationships with internal customers/peers/suppliers
Delivery of outcomes to agreed quality standards and deadlines
Adaptability of work plans/resources in response to change


Dimensions:
Reports to Information Security Manager..
Accountable for maintaining Confidentiality, Integrity & Availability of critical Information assets.
Manages implementation, support, reviews, and updates of all Information Security Initiatives.
Conducts regular Information Security assessment and Audits, documents reports and presents to the Management




What Do You Need to Qualify


PERSON SPECIFICATION
Qualifications/Experience


Professional qualification – BSc in computer science , engineering or equivalent
Three years Experience information security field.
Implementation and Audit of ISO27001 based ISMS .
CISSP / ISO 27001 Information Security lead audit, System lead auditor, CISSP is preferable
Deep experience in a telecomm network environment.

Knowledge:
In-depth knowledge of ISO27001 and other international Standards and best practices related to Information Security is Mandatory.
Good understanding of Change Management and Incident Management processes and methodologies
Excellent understanding of business processes and business rules
Understanding of the relevant regulatory, legal and other contextual factors impacting the information security.
Understanding of GSM mobile operations, products and services
Broad understanding of the Mobile Telecomm industry. Local and international market conditions, regional political climate and communications regulatory policies.
Understanding of budgetary and resource management and control policies and processes

Skills:
To develop, interpret and apply best practice methods/processes
Writing documentation, giving presentations and teaching workshops
Leadership/management skills within a matrix management environment
Conflict handling and resolution skills
Highly developed communication and reporting skills (verbal and written) in both Arabic and English
Excellent planning and implementation skills.

Key behaviours for Success:

Analytical Thinking and Problem Solving
Creative thinker
Forward Planning
Commercial Awareness
Results Drive
Concern for Standards/Efficiency
Being Collaborative
Tenacity, Resilience and Self Management
Leads by example
Patience

ليست هناك تعليقات
إرسال تعليق

إرسال تعليق

الاسمبريد إلكترونيرسالة