Senior Specialist, Information Security - Governance at Egyptian Banks Company
Cairo, Cairo, Egypt - Full Time


Start Date

Immediate

Expiry Date

23 May, 26

Salary

0.0

Posted On

22 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Information Security Controls, Defense-in-Depth, PCI TSP, PCI PIN, SOC2 Type II, ISO27001, PCI-DSS, CBE Cyber Security Framework, Audit Management, Policy Development, Security Awareness Training, Phishing Simulation, Access Governance, Least Privilege, Risk Management, Information Security Assurance

Industry

Banking

Description
Apply defense-in-depth concepts and information security controls (Administrative, Technical, Physical, Operational, Deterrent, and Compensating controls) within day-to-day security activities.
Support compliance activities related to information security frameworks and standards such as PCI TSP, PCI PIN, SOC2 Type II, and ISO27001.
Perform PCI-DSS control activities and execute the relevant periodic compliance tasks.
Support the implementation of controls under the CBE Cyber Security Framework.
Manage and track different audit missions and provide the needed support to stakeholders in the remediation plan.
Develop and review information security and corporate policies and processes to ensure alignment with information security standards and regulations.
Execute and support the information security awareness program, including security awareness trainings, phishing simulation campaigns, and security awareness sessions.
Assess new user access requests and review existing access permissions against the least privilege and need-to-know principles.
Support information security assurance activities and risk management practices.

Bachelor's degree in engineering, computer science or equivalent.
5+ years of relevant experience.
Reasonable knowledge of defense-in-depth and information security controls (Administrative Controls, Technical Controls, Physical Controls, Operational Controls, Deterrent Controls, Compensating Controls).
Reasonable knowledge of information security compliance frameworks and standards such as PCI TSP, PCI PIN, SOC2 Type II, ISO27001.
Strong knowledge of PCI-DSS, including the controls and relevant periodic activities.
Strong knowledge of the CBE Cyber Security Framework, including control implementation.
Strong knowledge of the information security awareness program, including security awareness trainings, phishing simulation campaigns, and security awareness sessions.
Strong knowledge of user access governance, including assessing new user access requests and reviewing existing access permissions against the least privilege and need-to-know principles.
Basic knowledge of information security assurance activities and risk management practices.
Responsibilities
This role involves applying defense-in-depth concepts and various information security controls across daily security activities while supporting compliance efforts related to major frameworks like PCI TSP, SOC2, and ISO27001. The specialist will also manage audit missions, develop security policies, and execute the information security awareness program.