Senior Information Security Specialist

Network International

About Us

JOB DESCRIPTION

Network International is the largest Financial Technology company in the Middle East and Africa. Payments is our core business where we provide services in more than 50 countries UAE, Jordan, South Africa, Egypt are some of our key markets. Apart from payments, we provide services on Data and Insights, Lending, Insurance, Risk Solutions, etc. Our core customers are businesses at every scale and segment, though recently we have been growing in the direct-to-consumer card segment as well.

Our EVP

At Network International, every second counts. As a leader in the fast-paced world of financial services, we thrive on innovation, agility, and the relentless pursuit of excellence.

We recognize industry trends, the dual nature of technological advancements, and the scarcity of top talent. This is why we prioritize investing in our people.

Here, you ll work alongside industry experts to solve complex problems and leverage cutting-edge technology to stay ahead of the competition.

We offer a culture where your skills are valued, your growth is prioritized, and your achievements are recognized because winning isnt just our goal; its our standard.

About The Job

The Lead Desktop Support Engineer will oversee and elevate our desktop support operations within our organization. The ideal candidate should possess strong leadership skills, technical expertise, and a customer-centric approach to deliver exceptional support services to our internal stakeholders. As the Lead Desktop Support Engineer, you will lead a team of desktop support engineers, manage escalated technical issues, and drive continuous improvement initiatives to optimize our desktop environments performance and reliability.

About The Role

Reporting into Manager, Information Security the role will be responsible for supporting, handling and maintaining day to day information security assurance activities including internal and external web/mobile application/infrastructure/API penetration testing, VA and configuration audit of Infrastructure and management reporting.

Responsibilities

• Operate as the primary support to the Manager Information Security (UAE) to deliver the information security assurance program for UAE
• Support various security assurance activities including, baselining, vulnerability assessment and penetration testing of web/mobile application/API/infrastructure/POS devices/ Cloud environments .
• Conduct vulnerability management on Tech infrastructure, Applications and cloud environments
• Conduct evaluations of source code and vulnerabilities through both manual and automated methods.
• Preparing dashboards and reports for management, stakeholders, and internal team
• Support auditors with relevant evidence and documentation in line PCI DSS, ISO27001, ISAE2 3402 and NESA requirements
• Highlight latest security threats that could have significant impact on organization
• Be part of the security incident response group as required for managing / coordination of relevant investigation including data leaks, compromises etc.
• Execute other tasks as required by Manager Information Security
• Conduct reviews of NI Servers / End points / Network device to check security policy compliance against CIS benchmarks and provide mitigation controls
  
  

• 4 to 6 years of experience working in Information security teams in a large technology banking, financial or payment service institutions
• Strong hands-on experience in vulnerability management and performing penetration testing of web/mobile applications, APIs in large PCI DSS compliance environments
• Knowledge of various security tools such as Qualys, Nessus, Burpsuite, Kali Linux, Nmap, Metasploit, OAWSP Zap, Veracode, automated testing tools etc.
• Experience in reviewing security configurations and security testing in Cloud environments like OCI / Azure / AWS
• Bachelors preferably IT discipline. Post graduate degree will be an added advantage
• Has or working towards certifications such OSCP, GPEN, CISM, CISSP etc.
• Excellent verbal and written English communication skills. Must be able to present and articulate complex information security risks to technical and non-technical audiences in simple manner