Ensure proper management of the Security Compliance resources to support ongoing business initiatives from a security compliance perspective
Ensure the annual review and update of the area's processes and procedures with the development and adherence to the developed SLAs
Support the implementation of the key strategic business initiatives and projects through conducting the necessary compliance checks and security assessments such as (Code Reviews and Penetration Tests) before systems' rollout
Manage and oversee the vulnerability management program to ensure proper identification, assessment, reporting and timely remediation of the identified vulnerabilities
Review periodical vulnerability scans and penetration tests results to prepare a long/medium term remediation plan in order to mitigate any existing threats and avoid any potential risks
Ensure effective participation in the projects/Business Requirement Documents (BRD) initiation cycle, security testing and validation process including Penetration Testing, Dynamic Scans, Secure Code reviews, internal security controls checks/validations, ... etc. within the overall software development and acquisition process to assess and identify areas of concern from security compliance perspective in line with regulations, standards and best practices
Ensure & maintain the annual compliance with PCI-DSS, SWIFT CSP, EU GDPR and CBE regulations & other applicable standards and regulations
Ensure compliance with Information Security and Business Continuity Management ISO standards to maintain the acquired ISO certificates
Manage vendor communication across all security testing/services requirements, while ensuring appropriate agreements are in place with third parties to preserve the bank's information confidentiality, integrity and availability
Work collaboratively with Business units, IT teams, Audit, Legal and risk management functions to address open gaps/issues driven from internal/external audit, independent assessments and reviews as applicable, and ensure proper tracking mechanism is in place in coordination with the relevant stakeholders
Ensure that a proper process is maintained across the different IT areas for enforcement and closure of vulnerability management and patch management gaps
Maintain a proper security compliance portfolio and ensure proper reporting to the relevant committees as applicable
Manage and operate a number of security tools (within security compliance scope) such as Firewall Policy Management (Compliance Modules), Vulnerability Scanning and Enterprise Security Management tools, Dynamic and static code scanning/review tools, Enterprise Security Monitoring tools
Ensure the annual license and support renewal are done in a timely manner through the bank's approved process lifecycle for all tools managed by Security Compliance
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.