drjobs Information Security Lead العربية

Information Security Lead

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Jobs by Experience drjobs

0 - 8 years

Job Location drjobs

Cairo - Egypt

Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Nationality

Any Nationality

Gender

N/A

Vacancy

1 Vacancy

Job Description

  • Implements security controls, risk assessment framework, and program that align to regulations requirements, ensuring documented and sustainable compliance that aligns with AXA Group Security Standards.
  • Manage the cyber and information security risk management lifecycle, including gaining assurance of all existing and relevant cyber and information security policies and standards.
  • Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves security positioning through process improvement, policy, automation, and the continuous enhancement of capabilities.
  • Regularly produce full gap analysis reports on areas of improvement and risk, recommending thorough mitigation plans including justification for options considered.
  • Implements processes (governance, risk and compliance) to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts.
  • Defines and documents business process responsibilities and ownership of the controls in GRC. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
  • experience in Implementing ISMS, performing internal reviews, drafting and enforcing policies in accordance with AXA Group Security, ISO 27001, and PCI-DSS.
  • Work with the Third Party Risk Management (TPRM) lead to share good practice and ensure alignment for all cyber risks facing AXA both internal and external.
  • Perform the Third-Party Risk Assessments (when applicable)
  • Contribute to and check the contractual Cybersecurity clauses. Liaise with the Legal department whenever it is needed. Report to the project manager or to the management the risks of clause non-execution.
  • Work with IT, and business teams in planning, process mapping, documentation and testing of cyber-focused elements of risk.
  • Drive AXA's cyber and information security culture, acting in an ambassadorial role across the business, able to communicate to all levels of staff.
  • Demonstrate an aptitude for reporting & communicating complex information security risk concepts to technical and non-technical audiences.
  • Independently be able to produce comprehensive write ups of current risks and threats as they develop, producing expedient updates as situations change and span different threat vectors.
  • Proactively monitor and inform senior stakeholders on emerging cyber risks and threats, providing a view through a business lens on potential impacts.
  • Own the creation and presentation of cyber and information security performance against governance frameworks and risk appetite.
  • Develop and maintain AXA's Security Risk Process including - assessing potential business impact that could result from a security breach, and the resultant value of the security of information; Identifying security weaknesses and vulnerabilities; Modelling security threat scenarios; Assessing the likelihood of such threat scenarios; Assessing the overall risk level and identifying and recommending appropriate controls to manage the risk.
  • Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, Secondary assurance, Minimum Technical Security Baseline
  • Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
  • Documents and reports

Employment Type

Full-time

Company Industry

Insurance

Department / Functional Area

Administration

Key Skills

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.