Cyber Security Technical Lead - Mansoura, مصر - AXA Egypt

AXA Egypt
AXA Egypt
شركة تم التحقق منها
Mansoura, مصر

منذ أسبوع

Fatima Mahmoud

تم النشر بواسطة:

Fatima Mahmoud

beBee Recruiter
وصف
Ensure SDLC, Business Change and IT change management processes mature to deliver mandatory cyber and information security outcomes.

  • Develop and maintain AXA's Security Risk Process including assessing potential business impact that could result from a security breach, and the resultant value of the security of information; Identifying security weaknesses and vulnerabilities; Modelling security threat scenarios; Assessing the likelihood of such threat scenarios; Assessing the overall risk level and identifying and recommending appropriate controls to manage the risk.
  • Conduct Risk Analysis of existing systems, by review of current security status from existing IT and external Audit records and by review, consolidation and resolution of outstanding Information and Cyber security risk acceptances or noncompliance.
  • Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields
  • Design, support the implementation and control the Cybersecurity of architectures
  • Ensure the Cybersecurity of AXA's critical systems (e.g. platform, solution, service)
  • Perform Cybersecurity watch
  • Upon request, provide assistance on other critical topics (e.g. incidents, vulnerabilities) Accountability
  • Provide Cybersecurity architecture best practices and Cybersecurity requirements in the other fields
  • Design, support the implementation and control the Cybersecurity of architectures
  • Determine Cybersecurity requirements in a way to fulfill business objectives and AXA Cybersecurity requirements
  • Plan, research and design robust Cybersecurity architectures
  • Including full product or information management covering the full lifecycle, Including DRP (Disaster Recovery Plan), log management, potential integration issues and cost constraints, when applicable
  • Anticipate possible Cybersecurity risks, identify areas of weakness, and respond effectively to possible Cybersecurity breaches
  • Remain up to date with the latest Cybersecurity systems, standards, authentication protocols, Cybersecurity solutions, software/component vulnerabilities and threats
  • Design, support the implementation and control the Cybersecurity of architectures
  • Acquire a deep understanding of technology (Information Systems and/or Industrial Control Systems)
  • Depending on the project, design concept / software / components/ infrastructure / Cloud based Cybersecurity architectures
  • Control that the Cybersecurity requirements are fulfilled during all the phases of the BCP (Business Continuity Plan) and DRP (Disaster Recovery Plan) when applicable
  • Follow the critical systems (platform, solution, service) during their whole life cycle:
  • Ensure Cybersecurity has been taken into account in the RFIs/RFQs/RFPs (Request For Information/Quotation/Proposal)
  • Advise on the architecture
  • Write/validate the Cybersecurity requirements
  • Advise on possible evolutions. Propose/contribute to a roadmap for improvement.
  • Assist in the Supplier selection.
  • Advise on the detailed architecture (e.g. review, reuse, change)
  • Control the Cybersecurity requirements, Before the Go-Live and during the Run
  • Whenever contractual obligations require it

Skills:


Experience, Knowledge and Skills:


Education & certification
Education

  • Bachelor degree in Computer Science, Engineering, or related field.
  • An MSc Information Security would be preferred
Certification

  • SABSA (Sherwood Applied Business Security Architecture)
  • CISSP-ISSAP (Information Systems Security Architecture Professional)
  • CISSP (Certified Information Systems Security Professional)
  • CSSA (Certified SCADA Security Architect)
  • OSCP (Offensive Security Certified Professional)
  • CEH (Certified Ethical Hacker)

Skills / Abilities

  • Extensive experience in Cybersecurity, indepth knowledge of Cybersecurity strategies and architectures
  • Extensive experience in Information Systems and/or Industrial Control Systems / IT risk management with a focus on Cybersecurity, performance and reliability
  • Solid understanding of Cybersecurity protocols, cryptography, authentication, authorization
  • Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
  • Penetration testing/ Purple Team / Threat Intelligence / Threat Hunting or similar background, or demonstrable experience
  • Experience implementing multifactor authentication, single signon, identity management or related technologies
  • Ability to interact with a broad crosssection of personnel to explain and enforce Cybersecurity measures
  • Excellent written and verbal communication as well as business acumen.
  • Experience and strong knowledge in Cybersecurity
  • Knowledge of risk assessment models
  • Knowledge of auditing and reporting procedures
  • Ability to implement risk monitoring and testing procedures
  • Ability to build relationships with key stakeholders
  • Ability to understand broader business issues
  • Strong communication and presentation
المزيد من الوظائف من AXA Egypt
انظر جميع وظائف AXA Egypt