Information Security Officer - Security Architecture
DOHA BANK
قطر
6d ago
source : tanqeeb

Work Responsibilities

  • Responsible for day to day review and escalation of PAM & DAM alerts and initiate immediate actions.
  • Responsible for ensuring necessary security controls are part of technical designs, Change Management Process / approvals and suitable escalation to CISO.
  • Participates in governance processes to ensure consistent technology life cycle management / Capacity Management
  • Responsible for establishment and implementation of security standards that guide the design of technology solutions
  • Builds consensus around principles of security architecture and interprets and clarifies these principles and Participate in IT security efforts across all business areas and client groups
  • Participates in project teams contributing input with regard to technology vision, opportunities and challenges, Information Security Risks and strategies for remediations from inception to implementation of projects.
  • Facilitates project hand-offs including preparing documentation, educating and supporting to ensure smooth transitions

  • To ensure IT department adheres Banks Information Security architecture standards, ensuring technology standards and best practices are maintained across the organization and contribute in designing and maintaining Enterprise architecture strategy.
  • Maintains operational, architectural and design documentation including procedures, task lists, and architecture blue prints
  • Preparation of new Technology requirements and relevant procurement process / evaluation and necessary documentation. Lead the technical evaluation, selection and implementation of technology solutions including providing detailed analysis of pros and cons and build vs buy options
  • Evaluate strengths and flaws in security architecture including performance, confidentiality, integrity, availability, access and total cost of ownership
  • Responsible for governing enterprise Security operations including security monitoring and security metrics to evaluate effectiveness of the enterprise security program and established controls
  • Troubleshoots, recommends and executes action plans for issue resolution
  • Selects and designs tools that allow reuse of design components and patterns between projects
  • Promotes implementation of new technology, solutions and methods to improve business processes, efficiency, effectiveness and value delivered to customers
  • Continually works to enhance breadth and depth of knowledge and experience. Benchmarks technology strategies and architectures.
  • Monitors and anticipates trends and investigates organizational objectives and needs. Prepares benchmarking reports and presentations

  • Mentor and coach other IT staff to provide guidance and expertise related to Infrastructure security best practices from time to time.
  • Consult with application developers, systems administrators, and IT Security to demonstrate security testing results, explain the threat presented by the results, and consult on remediation
  • Communicate security issues to a wide variety of internal and external stake holders (as needed) including technical teams, executives, risk groups, vendors and regulators
  • Critical thinker and problem solver
  • Excellent organizational and time management skills.
  • Technical Skills Required

  • Hands on knowledge on Technologies : PAM, DAM (must)
  • Working Knowledge of Technologies / tools : Routers , Switches, Firewalls, IPS, DDOS, EDR, Scanning tools, SIEM, SSL , Cloud Architecture (Amazon Web Services "AWS" and Microsoft Azure deployment, Security, Network, and Operational architectures and solution) .
  • Should have knowledge on various Networking concepts, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), Remote access management, VLANS, Switching & Routing concepts for large enterprise, designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures, Multi Factor authentication, Risk Based authentication mechanism concepts.
  • Work Experience

  • 4-7 years of IT Security device management, Datacenter Network Designing, Implementation of Cloud architecture in large organizations.
  • Working knowledge of Privilege Access Management (PAM) and Database Activity Monitoring (DAM) solutions is must
  • Knowledge of various security technologies / solutions and products available in market and effective use / placing of such solutions.
  • Security Operations Center (SOC) SIEM tools, Firewalls, IPS, Endpoint solutions including EDR, Network devices

  • Experience of understanding Information System Vulnerabilities and exploit techniques by internal and external attackers and the bypassing techniques
  • Good understanding of Security Architecture Frameworks like SABSA, TOGAF.
  • Educational Qualifications

  • University graduate with a degree in Computer Science, Computer Engineering or any other related discipline.
  • Professional certification / qualification

    Candidates with any of the following certifications is preferable :

    CCNA Security, CISSP, CISM, CCSP, AWS Certified Security specialist etc

    Apply
    Add to favorites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form