Overview
Information Security Compliance Manager Jobs in Cairo, Cairo, Egypt at SSC Egypt
Title: Information Security Compliance Manager
Company: SSC Egypt
Location: Cairo, Cairo, Egypt
Ensure proper management of the Security Compliance resources to support ongoing business initiatives from a security compliance perspective
Ensure the annual review and update of the area’s processes and procedures with the development and adherence to the developed SLAs
Support the implementation of the key strategic business initiatives and projects through conducting the necessary compliance checks and security assessments such as (Code Reviews and Penetration Tests) before systems’ rollout
Manage and oversee the vulnerability management program to ensure proper identification, assessment, reporting and timely remediation of the identified vulnerabilities
Review periodical vulnerability scans and penetration tests results to prepare a long/medium term remediation plan in order to mitigate any existing threats and avoid any potential risks
Ensure effective participation in the projects/Business Requirement Documents (BRD) initiation cycle, security testing and validation process including Penetration Testing, Dynamic Scans, Secure Code reviews, internal security controls checks/validations, … etc. within the overall software development and acquisition process to assess and identify areas of concern from security compliance perspective in line with regulations, standards and best practices
Ensure & maintain the annual compliance with PCI-DSS, SWIFT CSP, EU GDPR and CBE regulations & other applicable standards and regulations
Ensure compliance with Information Security and Business Continuity Management ISO standards to maintain the acquired ISO certificates
Manage vendor communication across all security testing/services requirements, while ensuring appropriate agreements are in place with third parties to preserve the bank’s information confidentiality, integrity and availability
Work collaboratively with Business units, IT teams, Audit, Legal and risk management functions to address open gaps/issues driven from internal/external audit, independent assessments and reviews as applicable, and ensure proper tracking mechanism is in place in coordination with the relevant stakeholders
Ensure that a proper process is maintained across the different IT areas for enforcement and closure of vulnerability management and patch management gaps
Maintain a proper security compliance portfolio and ensure proper reporting to the relevant committees as applicable
Manage and operate a number of security tools (within security compliance scope) such as Firewall Policy Management (Compliance Modules), Vulnerability Scanning and Enterprise Security Management tools, Dynamic and static code scanning/review tools, Enterprise Security Monitoring tools
Ensure the annual license and support renewal are done in a timely manner through the bank’s approved process lifecycle for all tools managed by Security Compliance
Ensure proper validation of the responses obtained for open internal/external audit issues before communicating with Information Security Management to properly assess and track the open audit issues
Resolve communication/misunderstanding conflicts between Security Compliance team and different stakeholders to ensure a streamlined process is in place
Reflect necessary compliance triggers in the Security Operations Center use cases and participate in reviewing use cases development, testing and launching to be monitored on ongoing basis by the SOC team
Ensure adherence to the defined compliance operating model to support the differ…
