Information Security Specialist

Job description / Role

One of our clients an international law firm is looking for an Information Security Specialist to join their team to develop actionable information security and risk policies, standards, plans, guidelines, controls, and frameworks to ensure enterprise information technology people, processes and technology architectures are consistent, usable, and risk-managed, adding value to the business consistent with assigned information security scope and risk appetite. This role also actively engages in information/data protection and risk mitigation activities, in coordination with other teams, where information security expertise is required.

Key responsibilities
• Provide architecture, technical design and advice to internal teams on how to securely develop and build applications and supporting systems in both cloud and on-premises network ecosystems
• Drive the strategy, standards, and architecture for all aspects of the SDLC including application, mobile, web service, DevOps, cloud, and CI/CD pipeline efforts
• Collaborate with development and application teams to perform code reviews utilizing various code review methodologies, secure coding practices and applicable frameworks
• Manage day-to-day application vulnerability remediation support activities
• Participate in incident response, threat assessment and confidential internal investigation activities
• Develop and improve processes & procedures for application security during development lifecycle and maintain standards documentation as required
• Collaborate with the larger Information Security and Risk Management teams to document identified issues and risks, and develop appropriate remediation plans.

Requirements

• Have a relevant education (Computer Science, Information Security, Information Technology etc.) to at least diploma level, degree desirable
• Have 6+ years' application development experience along with a background in Security Engineering, Security Architecture, Incidence Response or Information Risk Management
• Have working knowledge of application assessment, application security vulnerabilities, code review methodologies, and secure coding practices
• Have understanding of OWASP security concepts and common application security risks, such as XSS, XSRF, SQL Injection, etc.
• Have experience in SDLC methodologies, common industry practices, supporting technologies/processes
• Have a strong knowledge of one or more scripting languages such as Python, Powershell etc.
• Be able work autonomously and as part of a global team
• Have excellent communication skills, verbal and written (must be fluent in English); and have excellent attention to detail, time management and organisational skills.

About the Company

RecruitME are a specialized recruitment consultancy supplying top tier business support staff to Dubais leading multinational organizations. We carefully source, screen and select only the very best candidates to assist our clients in making easier recruitment decisions faster.

Differentiating ourselves from standard recruitment agencies our consultants have been carefully chosen for their backgrounds in business support for leading multinational organizations. Having been both the client and the candidate previously, we have an insiders understanding of the recruitment process and our clients needs.

What we do:

Specializing in business support positions we can assist in introducing a small selection of experienced administration, finance and human resource candidates with the relevant experience to benefit your business. Our careful screening process ensures that we have met with and can give a concise overview of each candidates skills and current situation before you meet them.

We pride ourselves on sending our clients only the very best available candidates in the market to ensure a simplified, hassle free and timely recruitment experience for all involved.