Senior, IT Security Analyst Jobs in Dubai – UAE at BlueSnap, Inc
Title: Senior, IT Security Analyst
Company: BlueSnap, Inc
Location: Dubai – UAE
Category: Security, IT/Tech
Managing the Information Security Vulnerability assessment and risk mitigation process across the bank
Define, enforce, monitor and update the Security Baseline standards for all key technologies
Participate in the Change Approval Board (CAB) and review all Change requests from IT Security perspective to ensure the anticipated change does not have any negative impact on established IT security processes
Track and Monitor all audit findings related to IT Security enabling the timely closure of such findings / closing gaps as agreed during audit closure meetings
Track and monitor penetration testing and application security assessment findings/gaps, and ensure timely mitigation of such findings/gaps as agreed with the management
Maintain and timely update of the Risk register pertaining IT Security
Maintain privilege access management process across the bank
Assist Head of IT Security to maintain the security compliance related to regulatory, audit and certification standards including ISO 27001, NESA, Swift and PCI DSS
Define, maintain and update the vulnerability management process
Maintain Vulnerability status dashboard and Vulnerability mitigation tracker to ensure regular vulnerability assessments are conducted covering all key technology areas as per the established process
Review, maintain and document compensating controls for high risk vulnerabilities when there is no direct solution available to fix the vulnerability due to technology limitation or cost involvement
Ensure security baseline documents are defined, communicated and updated covering critical IT assets including databases, network devices, servers and end points.
Review all Change requests and service requests to ensure the anticipated change does not trigger new vulnerabilities / security process gaps
Maintain audit tracker, conduct regular follow up meetings with all stake holders and ensure the closure of audit gaps within the agreed timelines. Ensure findings are not repeated in subsequent audits.
Maintain application security and penetration testing status tracker and liaise with all stake holders
Review and update the risk register to ensure the most accurate risk posture is reflected at any given time.
Manage privilege access management system and ensure all critical system access are made though established process
Coordinate Security compliance process covering regulatory, audit and certification standards including ISO 27001, NESA, Swift and PCI DSS. Maintain and update the status tracker related to each of the compliance domains mentioned above.
Bachelor’s degrees in Computer Science, Information Systems or equivalent work experience are required.
CISA/CISM/CRISC/CISSP or well-known industry relevant certification is preferable.
Minimum 5 years in IT Security related work arena.
Experience in computer security operations, policies/standards, and IT Vulnerability, threat & risk management.
Knowledge of security frameworks, standards, and guidelines is preferred.
Excellent command of English, Arabic is a plus
Planning and organizing skills
Excellent Interpersonal relations skills