كبير مهندسي الأمن السيبراني Senior cyber security Engineer | EBS

كبير مهندسي الأمن السيبراني Senior cyber security Engineer | EBS 

كبير مهندسي الأمن السيبراني Senior cyber security Engineer | EBS
كبير مهندسي الأمن السيبراني Senior cyber security Engineer | EBS 

Electronic Banking Services Co. Ltd.

POSITION: Senior CyberSecurity Engineer
Reports to: Head of CyberSecurity & GRC

Job Goal:
supporting risk management program, conducting risk and Business Impact Assessments (BIA)
• continuously monitoring and improving security compliance by examining.
interviewing, testing, and reporting security controls.
• security policy development and enforcement, Enterprise-wide network architecture, Network service resilience, network security vulnerability management, network forensics, network access controls, Threat intelligence, support the multiyear network segmentation & Zero-trust initiative, 3rd party risk management, inci-
dent response, regulatory, and compliance requirements.
• support application security reviews and threat modeling.
• code review and dynamic testing, application security vulnerability management, digital forensics, support
the releases of new Software modules & APIs

Duties & Responsibilities:
• Develop and maintain security architecture and policies based on business needs and risk assessments.
• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the
corporate data, systems, networks & Applications.
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate re-
repeatable task.
• Oversee and/or perform the design, automation, and deployment of EBS Security Operation Center - SOC
and other supporting infrastructure program activities, such as Security Orchestration and Automation -
SOAR, Network Segmentation & Zero-Trust architecture.
• Constantly maintain awareness of all known vulnerabilities in technologies used within EBS and its attack
• Research any reported or suspected network/application vulnerabilities on open-source intelligence, Vendor
advisory boards, Common Vulnerabilities, and Exposures (CVE).
• Coordinate and track information technology and security-related external and internal audits including
the scope of audits, departments involved, timelines, auditing agencies, and outcomes. Works with auditors/ assessors as appropriate to keep audit focus in scope, maintains excellent relationships with audit entities to
ensure successful maintenance of Banking & Payment industry-related certifications.
• Perform cyber risk assessments, risk mitigation tracking and reporting of residual risk, security control
gap assessments, security architecture reviews, and threat modeling, to identify gaps, recommend solutions,
and drive the gaps to completion.
• Apart from the SOC senior team members, Perform and review technical risk assessments; reviews of new and
existing applications, systems, and networks, reviews of account permissions, computer data access needs, security violations, and changes requests.
• Act as Security Change agent, review and validate Change Requests in liaison with other concerned parties.
• Assist with metrics & objective setting for the CyberSecurity Programs.
• Assist with the development of requirements for, and take part in, CyberSecurity and technology projects,
frameworks & best practices.
• Develop secure coding & secure design principles and assist in the development of automated security testing to
validate that secure coding best practices are being used.
• Assist in the improvement of SDLC practices including code reviews, static/dynamic code analysis, and vulnerability assessments.
• Ensure continuous improvement to mature CyberSecurity processes on the CMMI model.
• Ensure successful implementation & continuous maintenance of programs such as ITIL, ISO 27000,
• Ensure knowledge transfer among teams, junior staff mentoring, and evaluation to facilitate department
succession plan & career roadmap.
• Ensure Playbooks are updated and relevant to the emerging threat landscape.
• Champion the use of an open-source tool such as MITRE ATT&CK Framework to validate EBS security controls
against the behavior of well-known attacks.
• Participate in updating the department induction program and new staff onboarding manual.
• Participate in Security awareness & Training programs to mitigate internal/external security risks.
Bachelor's degree in Computer or Engineering-related studies.
• 5 to 7 years of experience

Interested applicants can send
their CVs at:

with Subject line
"sr.cybersecurity engineer"
Closing Date: 28-June-2022
Only shortlisted will be contacted
ليست هناك تعليقات
إرسال تعليق

إرسال تعليق

الاسمبريد إلكترونيرسالة