Data & Applications Security Assistant Manager

Al-Ahli Bank Of Kuwait

ACCOUNTABILITIES
• Participate in Develop Bank strategy to increase Security Maturity Level.
• Assess and enhance all data & application security domains, including but not limited to [Web application Firewalls, Application Shielding, Vulnerability management, asset management, HSMs, data classification, DLP, Sandbox environments, SIEM, TIP, SOAR, Database security, web gateway, mail gateway, data integrity, IPS, etc.]
• Participate Plan to Implement Security into Business-as-Usual Processes.
• Implement Information Security Programs based on NIST/ISO 27001 security standards overseeing all IT security & compliance initiatives across all business units.
• Lead compliance audits for External audits, Central Bank of Egypt, ABK Kuwait audit.
• Collaborate with Information Security, legal and compliance groups to develop business and technical compliance strategies Develop Periodic Security Health check report for Top management to be aware of any
• Coordinate the development, communication and participate in delivering operation security awareness program
• Follow up periodic process of Execute and maintain Vulnerability assessment finding and lead Operations Teams to Cover Execute, maintain and update risk assessment profiles.
• Monitor, assess and verify the implementation of IT security baselines within the IT organization.
• Security Knowledge transfer to IT security operation team.
• lead current and future Security Projects within the bank
• Follow up change management process
• Follow up patch management process
• Review and assess all type of Encryption and maintain key management process.
• Continually assess the overall effectiveness of the information security program.
• Participate in Incident Management.
• Align with Security Operations Centre SOC to implement recommended controls.
• Follow up Security information and event management Process.
Education
• Bachelor s degree in computer science or Equivalent
• Mandatory: PCI, CCNP Security, Network Security
• Recommended: CISSP, CISM or CISA
Knowledge:
• IT security operations
• Risk Assessment
• Security Assessment
• At least 5 year s professional IT experience
• Experience in Information Security Standard IS0 27xx, PCI
• Security Architecture review and advise as per security standard
• Security hardening
• Risk assessment and incident handling
• Security Scans and take required actions/controls
• Secure Development cycle for in-house applications.
• maintain Security Operations Center with all required activities.
• Strong understanding of data security concepts, application security best practices, and risk management principles.