Senior Information Security GRC

Senior Information Security GRC is required.

Key responsibilities:

• Experience in Implementing ISMS, performing internal reviews, drafting and enforcing policies in accordance with Central Bank of Egypt regulation, ISO 27001, and PCI-DSS.
• Experience in PCI-DSS remediation and certification audit.
• Experience in defining cyber security policies, standards and procedures.
• Ability to perform internal information security reviews and governance compliance.
• Knowledge of cyber security architecture, infrastructure and application hardening.
• Exposure of industry accepted best practices in cyber security.
• Assist in implementation of Information Security Management System in compliance with Central Bank of Egypt, PCI-DSS and ISO 27001 across organization.
• Assist in implementation of PCI DSS compliance.
• Assist in drafting, maintaining and enforcing policies, processes, procedures and controls in accordance with PCI DSS.
• Formulating detailed reports of internal reviews and periodic assessments.
• Conduct organization wide information security awareness training.
• Experience in performing risk assessment.
• Must have experience in implementing the NIST Cyber Security Framework or similar frameworks.
• Ability to perform risk Management (exposure to GRC tools is preferred).

Education:

• Bachelors degree in Computer Science, Information Technology, Cyber Security, or any related field.
• Minimum 3 years relevant work experience.
• ISO 27001 Lead Implementer (is a must).
• Cyber security certifications (i.e., CISSP, CISM) are plus.

Essential skills & attributes:

• Good communication and presentation skills.
• Ability to work within a fast-paced & unstructured environment.
• Must be able to multi-task and effectively and continually priorities.