Company: AITS
Location: Doha, Qatar
Employment Type: Full-time
Description:
**Job Title**
Security Engineer
• *Experience Required**
7+ years of IT Security experience out of which a minimum of 3 years should be in a similar role, preferably in the Banking, Financial Services & Insurance (BFSI) industry.
• *Role Objectives**
– Planning, implementing and administering security software, hardware, and components to control access and prevent unauthorized modification, destruction, or disclosure of confidential information.
– Contribute to the introduction of new capabilities to the Organization’s security stack employing the latest technologies including cloud-based solutions and also plans and carries out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.
• *Detailed Job Description**
– ¨ Maintain and monitor the performance of security tools and solutions such as the Endpoint Detection and Response (EDR) solutions, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Next Generation… Firewalls (NGFW), Web proxy appliances, Virtual Private Networks (VPNs), Privileged Access Management (PAM), Distributed Denial of Service (DDOS) appliances, Endpoint and Network Data Leakage Prevention (EDLP & NDLP),etc.
– ¨ Install, set-up, configure and maintain any new security appliances that need to be setup according to the overall objectives and policies of the organization.
– ¨ Develop plans to safeguard the organization’s software, hardware and components against accidental and/or unauthorized modification, disclosure of confidential information, and / or data corruption / loss.
– ¨ Develop security baselines and SOPs for security appliances and tools / solutions and implement the same rigorously.
– ¨ Monitor and review security violation logs and reports on a regular basis to ensure that these are investigated, escalated to appropriate levels of management as necessary, and correctives actions are taken in a timely manner.
– ¨ Continuously assess security threats and vulnerabilities and provide recommendations to mitigate the same by ensuring security policies and procedures and control measures are implemented.
– ¨ Execute and implement the organization’s Information Technology policies and procedures, standards, and guidelines related to security of the network and communication software, hardware, and components, as well as monitor adherence to such policies and procedures, standards, and guidelines.
– ¨ Managing security equipment, file permissions, backup and disaster recovery procedures as well as fulfilling system hardening requirements, access control requirements, ensuring system security logging and supporting auditing of security appliances and devices.
– ¨ Ensure that critical Internet data transmissions are encrypted and protected from unauthorized access and/or disruptions.
– ¨ Implementation of security tools and solutions as assigned by the IT Security Head and in support of the organization’s Digital Transformation Program as may be required.
– ¨ Ensure the enforcement of network security controls in existing and new capabilities as they are introduced.
– ¨ Implement, monitor and maintain security monitoring tools to help detect security threats and vulnerabilities in a timely manner.
– ¨ Assist in conducting vulnerability assessments, attack and penetration testing and risk assessments including RTBT drills, in relation to the organization’s security infrastructure.
– ¨ Ensure high standards of confidentiality to safeguard commercially sensitive information.
– ¨ Provide timely and accurate information to the external and internal auditors and the internal Compliance function as and when required.
– ¨ Recommend security stack enhancements to the Head of IT Security.
– ¨ Create more effective ways to solve existing production security issues.
– ¨ Executing incident response activities to protect the bank against cyber security attacks.
– ¨ Support the Head of IT Security in addressing the risks identified internally by the Operational Risk Division of the organization or by the IT Governance office.
• *Educational Qualifications**
– University degree in Computer Science with specialization in Network Engineering and/or Information Security from a recognized university.
– Professional product based security certifications such those from Fortinet, Palo Alto and Cisco are a plus.
– Certified Ethical Hacker (CEH) is a plus.
– Work experience based professional certifications such as Certified Information Systems Security Professional (CISSP) is a plus.
– Knowledge and skills based Industry / Tech Associations certifications such as CompTIA Security+, Cloud+, Cybersecurity Analyst (CySA+), Network+ for infrastructure networking are a plus.
• *Job Types**: Full-time, Permanent
Source: Qa.jobrapido.com
——————————————————————————
Tadawul Academy (www.tadawul.academy) is the highest rated CISI training academy in the world. Over 7000 students are enrolled on our eLearning platform. Our portfolio of qualifications includes: CISI ICWIM (Int. Certificate in Wealth and Investment Management), CISI UAE Financial Rules and Regulations, CISI Risk in Financial Services, CISI IISI (Int. Introduction to Securities and Investment), CISI Corporate Finance Technical Foundations, CISI Combating Financial Crime, CISI Global Financial Compliance, etc.