Our client has expanded its range of services, forging robust collaborations with major industry leaders, including telecom providers, banking institutions, and significant enterprises. This is in addition to forming alliances with various ministries in Lebanon. Presently, our client stands as a foremost authority in financial services, boasting the most expansive agent network in Lebanon. Dedicated to providing unparalleled services to the Lebanese populace and its residents, our client continually advances its network and offerings, maintaining an unwavering commitment to excellence.
Job Scope:
Designs information and data security frameworks ensuring protection of all physical and technical
aspects of the organization.
Main Responsibilities:
• Keeps abreast of developing security threats, and helps the board understand potential security problems that might arise from acquisitions or other big business moves.
• Acts as the organization’s representative when dealing or pursuing the sources of network attacks and information theft.
• Designs, implements and monitors a strategic, comprehensive enterprise information security strategy and Information security risk management program.
• Establishes a robust crisis communication channel, disaster recovery and risk management system.
• Prevents and defends against information security attacks.
• Recovers rapidly from security infringements.
• Partners with business stakeholders across the company to raise awareness of risk management concerns.
• Develops security policies and procedures that provide adequate business application protection without interfering with core business requirements.
• Ensures that all security risks are appropriately addressed and managed by performing a risk assessment to determine what areas are the most at risk and implements corresponding protective measures.
• Evaluates the IT threat landscape.
• Devises policy and controls to reduce risk.
• Plans regular penetration tests and oversees their implementation with adequate information security suppliers.
• Evaluates penetration test results, and oversees the implementation of the findings in order to ensure proper gaps closure.
• Manages and executes regular vulnerability assessments to ensure systems are up to date.
• Accounts for the end-to-end lifecycle of information security operations.
• Plans and tests responses to security breaches, including any table discussions.
• Conducts real-time analysis of immediate threats, and triage when something goes wrong.
• Drives security decisions based on government/industry regulations or risk management findings.
• Investigates system failures whether internal or external, deals with those responsible, and ensures the implementation of proper controls to avoid such failures.
• Analyses every security breach incident and response activity and proposes improvements to the response strategy.
• Ensures that security breaches are not a result from any of the changes made in order to protect the organization.
Education:
• Bachelor Degree in Computer Science, Information Technology, Management Information Systems, Computer & Communication Engineering or any relevant field.
• Master’s Degree is highly preferable.
• CISM, CEH or any professional security certification is needed.
Years of Experience:
9 to 14 years
Competencies:
• Strategic planning abilities.
• Aptitude in decision-making.
• Excellent Leadership skills.
• Thorough knowledge in Virtualization and Clustering.
• Thorough knowledge in Data-center security facilities and practices.
• Thorough knowledge in Disaster Recovery and Business Continuity Planning.
• General good database and database administration knowledge for MS-SQL and Oracle.
• Experience with network topology and configuration (LAN, WAN, WLAN).
• Solid foundation in Security Centric Tech such as: DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies, coding practices.
• Thorough knowledge of security systems including Firewalls, IPS, WAF, SIEM, Antivirus, Malware protection and Anti-SPAM Engines.
• In-depth expertise in ethical hacking and threat modeling and intrusion detection/prevention protocols.
• Thorough knowledge of security challenging systems including Penetration Testing and Vulnerability assessment.