Overview
Head of Information Security Management Jobs in Cairo, Cairo, Egypt at SSC Egypt
Title: Head of Information Security Management
Company: SSC Egypt
Location: Cairo, Cairo, Egypt
Oversee and manage the Information Security Management team to ensure proper management of the resources to support the ongoing business initiatives and ensure clear personal development plan is developed for each team member with an adequate training and coaching plan
Ensure the annual review and update of the area’s processes, procedures and policies with the development and adherence to the developed SLAs
Ensure the proper enforcement of the developed security policies across all areas
Lead the enhancing, formalizing and standardizing of the different information security programs and management processes, to apply effective control mechanisms and to ensure organization’s ability to manage and be protected towards different types of security threats, including but not limited to the Identity & Access Management, Data Classification and Protection, Privileged Access Management programs and others
Oversee the implementation of the Information Security Management strategy and objectives to ensure the proper enforcement of the developed security policies
Liaise with IT Security Department to ensure adequacy of security testing and assessments prior to execution, to ensure sound security practices are implemented across all bank’s platforms, systems and services provided, while also ensuring the relevant processes and procedures are adequately reflecting and considering the security policy requirements, as well as risk, compliance and controls requirements
Develop and enhance information security procedures with proper reflection of the emerging threats and changes to the bank’s Cyber Security landscape, including the maintenance of staff awareness of these policies and procedures, as well as proper monitoring of policy exceptions
Ensure that a proper security risk assessment framework is in place and effectively implemented across different areas of the organization, with timely identification, escalation, resolution and follow up for all outstanding issues related to Security as tracked in the Security risk register and KRIs
Act as support arm when it comes to Information Security consultation for all different business units within the organization and provide sound feedback and alternative solutions for security risk mitigation
Validate and ensure adequate feedback is provided on behalf of the security organization (Info Sec, IT Security, Physical Security, Security Operations Center) to internal/external auditors, regulatory bodies and other entities as applicable
Seek concurrence from the Non-Financial Risks and Compliance Committee and keep the relevant Committees updated with the overall Security Risk Rating of the bank to assist in better-formed decisions and security strategy planning
Report Security risks, compliance and controls dashboards and exceptions to Non-Financial Risks and Compliance Committee and other relevant committees as required
Communicate with Senior Management for any needed clarifications or highlighting security risks that require more organizational; awareness and action, through the relevant committees or individually
Work closely with Security Operations Centre to ensure aspects of Information Security Risk, Control and Compliance that require continuous monitoring are adequately embedded within the day-to-day SOC operations
Ensure the annual maintenance of the PCI-DSS certification to keep the card holders’ data secured against cyber-attacks
Ensure the annual compliance with the …
