31 Mar, 2020
VINIRMA Consulting Pvt. Ltd . is a 360° Human Resource Management Consulting and Staffing Services Organization.
VINIRMA Consulting is currently looking for Senior Information Security Officer for one of its clients which is a Business Consulting, IT Solutions and Services company in Qatar with the following terms and conditions.
Bachelor’s degree in IT/ /Computer science. Higher related degree is an advantage.
Information security education qualifications (undergraduate degree or higher in Information Security) or professional qualification (ISC2 CISSP, SANS GIAC or CompTIA Security+ or higher).
5-7 years relevant experience in Information Security.
Experience in the banking sector is preferred.
Job-Specific Skills (Generic / Technical):
Knowledge of the banking sector in Qatar and the region. (preferred)
Good working knowledge of information security standards, e.g. ISO 27001, PCI DSS, ISO 31000 and COBIT.
Good working knowledge of regulatory and industry security specifications e.g. payment card industry (PCI, MasterCard, Visa) and regulatory bodies (financial service and central bank authorities).
Preferably knowledge of local laws and regulations (State of Qatar, Qatar Central Bank, SWIFT, NAPS).
Preferably banking experience or knowledge of banking operations especially around payments and alternative /electronic channels.
Solid knowledge and experience of information technology hardware and software
Solid Knowledge on Vulnerability Assessment tools such as Nessus, Nexpose and/or Qualys.
Good knowledge in conducting information security risk assessment (GRC tools use is recommended)
Good working knowledge on running phishing campaign using tools such as Phishme (Cofense) or similar tools.
Good knowledge around IT Security solutions such as (Firewall, WAF, NAC, IPS and SIEM)
Knowledge of latest IT developments and trends.
Knowledge in system integration and administration.
Creative, logical thinking and able to influence all parties (senior and junior).
Good communication and presentational skills.
Ability to work under pressure.
Planning and organising skills.
English language is required. Arabic language is an advantage.
Policies and Procedures
Assist the Information Security Manager in developing and implementing Information Security Policies and Procedures for the.
Perform all work in accordance with departmental and bank-wide policies, processes, procedures and instructions so that work is carried out in a controlled and consistent manner while delivering a high quality and cost-effective service to customers.
Suggest improvements to policies, procedures, principles and standards for operational improvements or due to changes in best practices and/or regulation.
Monitoring, reviewing and ensuring the implementation of the Information Security Policies and Procedures across the Bank.
Conduct periodic vulnerability assessment and penetration testing across all Bank Infrastructure.
Implement local security practices, communicate and update them as appropriate across the Bank departments
Monitor and Audit security practices.
Assist the Information Security Manager in establishing and maintaining the Information Security Incident Management Framework
Implement and monitor the execution of information security incidents/attacks and assist in recovery from those incidents/attacks
Maintain documentation for audit and regulatory purposes.
Provide advisory and keep up to date on Information security threats, technologies and techniques, and ensure the threat landscape is understood and raised with the concerned departments for remediation
Develop plans and procedures for operational security tasks and incidents.
Perform the operational security procedures on the bank’s infrastructure security and monitor for improvements and effectiveness.
Assist the Information Security Manager in developing, presenting and communicating the materials necessary for the Information Security Steering meetings
Develop, monitor and ensure implementation of security guidelines and hardening across the bank infrastructure.
Department and project advisory
Provide appropriate technical security advice and support to Information Security department project
Review, analyse and security assess the bank IT projects from information security perspectives.
Assist the Information Security Manager in developing and implementing Information Security Awareness Program to all Bank employees
Maintain the security awareness training material and monitor the effectiveness of the training.
Conduct phishing campaigns and awareness simulations/quizzes to measure the effectives of the awareness program.
Relationship building and influencing
Build relationships with key stakeholders and peers to ensure information security has an appropriate focus.
Influence key stakeholders and peers to ensure security is effective.
Information Security Risk Assessment
Assist the Information Security Manager in performing and conducting risk assessment that will validate the security architecture and uncover flaws that need attention.
Legal, Compliance and Regulatory obligations
Update the Information Security Steering members with any new regulations and compliance requirements related to the Information Security of the Bank.
Assist the Information Security Manager in conducting gap analysis and ensuring the Bank is in compliance with Information Security regulations and Law.
Perform other related duties or assignments as directed.
To act as back-up in the absence of a colleague
Terms and conditions
Joining time frame: 2 weeks (maximum 1 month)
Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at nishanthini.suda @vinirma.com or call us +91 (0)471 4012246
VINIRMA Consulting Pvt. Ltd.