تفاصيل وظائف مصرف أبو ظبي الإسلامي
تفاصيل وظائف مصرف أبو ظبي الإسلامي
Cyber Security Analyst/Senior Analyst
About the job
Strategic objectives:
Support Information security strategic program milestones
Functional Objective:
Information Security Program
Technical implementation of the Information security program and following actionable plan with IT.
Build Security Matrix for different access
Establish reporting communications that support Information Security IT Governance activities
Ensure implementation of necessary information security policies, standards, procedures and guidelines.
Review the plan and test results of disaster recovery
Risk Identification, classification ,assessment and evaluation
Assess controls for information systems ( all IT systems) during the requirements, acquisition, development and testing phases for compliance with the Information Security policies, standards, procedures and applicable external requirements ,ensure Information security risks are addressed which could lead to organization financial and reputation loss.
Evaluate the readiness of information systems ( All IT systems)for implementation and migration into production and Conduct post-implementation reviews of systems to determine whether Information System deliverables, controls are complied with Information Security policies, standards and ensure Information security risks that could lead to organization financial and reputation loss are addressed.
Assess the design, implementation and monitoring of system and logical security controls to verify the confidentiality, integrity and availability of information, this to ensure overall Information Security that could lead to organization financial and reputation loss if data is breached.
Maintain a risk register to ensure that all identified risks highlighted with related accountability, Monitor existing risk to ensure that changes are identified and managed appropriately.
Assemble risk scenarios to estimate likelihood and impact of significant risks to the Information systems, Correlate identified risks to relevant business processes to assist in identifying risk ownership.
Analyse risks, incidents and interdependencies to determine their impact on IT Systems and relative business objectives.
Develop Information Security Standards and Baselines aligned with Information security polices
Assess and Evaluate the non-business application access (VPN, Internet, etc) that can be easily integrated into Identity management solutions and technologies adopted by the bank.
Monitor the information systems (IT systems) control design and implementation processes against Information Security baselines and standard to ensure it is implemented effectively and within time.
Enable the measurement of IT Information security processes
Risk and Control Monitoring
Identify the gap between current and desired risk levels to manage risk ,evaluate information security controls to determine whether they are appropriately and effectively mitigating the risk to defined acceptable level
Facilitate independent risk assessments and risk management Process review to ensure that they are performed efficiently and effectively
Monitor and Communicate key risk indicators (KRIs) and Management activities to assist relevant stakeholders in their decision-making Process
Identify and report on risk including compliance to initiate corrective action and meet business regulatory requirements
Ensure that risk assessments, vulnerability assessments and threat analysis are conducted periodically and consistently to identify risk to the organization’s information.
Information Security Risk Response
Identify Risk Response Options and provide IT managers with information to enable risk response decisions
Apply Risk criteria to assist in the development of the risk profile for management approvals
Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness.
Information Security Risk awareness
Provide and conduct training for IT Staff to ensure their understanding to risk and promote a risk-aware culture.
Measure the understanding of IT staff against the security awareness objectives
Reporting
Communicate to Infrastructure Information Security Manager the status of the IT Security Program progress
Minimum Qualifications
BSC in Communication Engineering or computer science
Minimum Experience:-
3-5 +years of IT & Security experience
SANS security certificates are preferred
Job Specific Skills
Participating in IT security initiatives
Participating in analyzing, and implementing solutions in support of business objectives.
Regulatory knowledge (CBE, PCI,..)
Updated Security Threats and Vulnerabilities
Business Continuity and Disaster Recovery experience/knowledge
Risk evaluation
Generic Skills
Planning and Time management skills
Communication Skills
Creativity thinking
Dynamic , continuous improvement and Learning and crises management
Documentation and Organization
وظائف قد تهمك ،