{{ flashMessage.message }} {{ flashMessage.linkText }} {{ flashMessage.linkText }} {{ flashMessage.linkText }}

Information Security Analyst

Tandem Search

Bahrain

Tandem Search careers & jobs

Ref: KP709-2083

Job description / Role

Employment: Full Time

Our Client, a leading FS company, is looking for an information security Analyst.

Responsibilities include:
- Develop Information Security Policy, Standards and Guidelines as per best practises and compliance mandates such as the Payment Card Industry Data Security Standard (PCI DSS). Interprets information security policies, standards, and other requirements in light of specific internal information systems, and assists with the implementation of these and other information security requirements (Payment Card Industry Data Security Standard (PCI DSS), CBB mandates).
- Assist in evaluating new technology and security products for relevancy to Organization’s overall security strategy and in support of new business requirements/initiatives.
- Assists with the selection, installation, and adoption of information security solutions. Works with Systems Administrators, and network administrator to deploy selected information security technical solutions such as Data loss Prevention solution (DLP), Email Security gateways, Web Security Gateway, Web application firewalls, Security Information and Event Management (SIEM) and any other security related solutions.
- Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates available tools and countermeasures to remedy the detected vulnerabilities, and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, and/or management of security solutions.
- Scans for, identifies and assesses vulnerabilities in IT systems including computers, networks, software systems, information systems, and applications software.
- Manage and coordinate external and internal vulnerability/penetration testing activities. Create Vulnerability assessment reports detailing exposure identified and suggesting mitigations. Runs or works with others that periodically run vulnerability identification software packages and related tools to immediately highlight errors in systems configuration, the need for the update of software with fixes and patches, and other security related change.
- Lead review of assessment findings to gauge overall risks, severity, and appropriate corrective measures where necessary. Provides special technical guidance to the Information Technology Department staff about the risks and control measures associated with new and emerging information systems technologies.
- Assist in defining security requirements for new projects; assist in reviewing proposed changes in the technology environment for security implications. Acts as a technical information security reviewer of requirements statements, feasibility analyses, operating procedure manuals, and other documents produced during the systems development process.
- Evaluates information system bug reports, security exploit reports, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and as needed, makes recommendations to internal management and technical staff to take precautionary steps
- Designs, develops, delivers or oversees the delivery of, information security training and/or other information security awareness programs (videos, memos, computer-based training, etc.) for users, technical staff, and management .Working in conjunction with HR Training and development manager, periodically determines the effectiveness of information security awareness programs, and quantifies this effectiveness.
- Tasked with protecting computers, networks, software, data, and/or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.

Perform operational information security activities as follows:
- Provides technical assistance with the initial set-up and secure deployment of systems that support information security including virus detection systems, firewall content filtering systems, web site blocking systems, intrusion detection systems, intrusion prevention systems, and data loss preventions solution.
- Administer the implemented information security solutions including web gateway, email gateway, DLP, SIEM and other security solutions.
- Monitors logs kept by computer and network access control systems utilizing the implemented SIEM solution to detect attempts at unauthorized use, and notifies the Computer Security incident response team (CSIRT).
- Serve as subject matter expert during security incident response activities. Participates on a Computer Security incident response team (CSIRT) that responds to various security incidents such as denial of service attacks, virus infestations, spam emails and internal frauds.
- Prepares and periodically updates draft information security policies, architectures, standards, and/or other technical requirement documents needed to advance information security at AEME.
- Prepares and communicate to senior management Information security reports. Highlight and document and any incidents reported or vulnerabilities that require attention.
- Help promote appropriate operational security best practices and provide technical assistance to Helpdesk, Systems Administrators, Network Administrators, Web Site Administrators, and Database Administrators when required to resolve incidents or perform root cause analysis.

Requirements

- 5 years experience
- CISSP
- CISM
- Knowledge and expertise of security standards, concepts, principles and processes
- Hands on experience of Security Vulnerability Tools such as NMap, Cain & Abel, Win Air Crack, GFI, IDS, Nessus Accunetics
- Hands on with Security Applications like Checkpoints, Proxy’s, IPS etc
- Hands on experience with Windows, HP Unix, Linux, Solaris and Cisco
- Hands on experience with MS SQL, DB2 and Oracle RDBMS
- Hands on experience with Data Loss Prevention Tools
- Hands on experience with Security Information and Event Management (SIEM)
- Previous experience as a skilled security engineer in a complex environment

About the Company

Building businesses, changing lives

At Tandem, we’ve built a vast network of top-tier professionals across the globe. We empower businesses to thrive by delivering unmatched talent solutions. With our global reach, collaborative approach, and unwavering commitment to excellence, we drive transformative growth and shape exceptional teams.

Who we are.

We are a team of industry experts, driven by a passion for innovation and excellence. We are dedicated to providing unique talent solutions and nurturing collaborative partnerships that redefine success.

Get personalised updates on latest vacancies
Sign up for Job Alerts
Explore Tandem Search careers
Advertise Here
Job Search Support
Get a Free CV Review
Get a professional CV
Find Top Talent
Explore Our CV Database Post a Job Now
Job Alerts by Email
  • Personalised updates on latest career opportunities
  • Insights on hiring and employment activity in your industry
  • Typically sent twice a month
Sign up for job alerts

Other Services

Bahrain Labour Law
Bahrain Public Holidays
Courses
Employment News
  • © GulfTalent 2024. All Rights Reserved.