Role Summary:
The Security Architecture provides Information Security expertise and contributes to the success of the Information Security function achieving Banque Misr Information Security baseline mandated requirements defined by Banque Misr including but not limited to implementing new Security layers and creating new powerful monitoring function plus insuring that security standards and requirements are implemented by all technology functions relevant to the job function.
Core Responsibilities:
- Maintain Security Engineering, process, and technology infrastructure, including creation and review of Security Engineering design, guidelines, and operating procedures.
- Work closely with the Security Architecture and GRC teams to define, develop and facilitate efficient and effective service delivery to constituent organizations.
- Responsible for vendor management, meeting vendors, vendors comparison analysis versus bank Misr requirements.
- Perform procurement cycle from technical perspective & run POCs.
- Write or review RFPs, RFQs, RFEs technical specs from information security perspective.
- Ensure the implemented services/solutions follows latest security standards through and it is compliance with the CBE framework.
- Ensure abiding the relevant information security controls with the security standards (ISO 27001, PCI-DSS) & CBE framework.
- Seek technologies and top vendors that fulfill business and security requirements.
- Design and owns the leadership of the implementation/installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices.
- Provide input to global standards, guidelines and procedures to IT security & QA teams.
- Participate in the definition of the organization's IT disaster recovery and continuity plans for security event management systems.
Requirements:
- Bachelor or master's degree in Telecommunication/electronics/computer engineering.
- Minimum 1-3 years experience in security architecture and Information Security positions
- Hands-on experience on various security controls like (WAF, next gen firewalls, IPS, proxies, APT, sandbox, EDR, SDN, NAC, VPNs, SIEM, MFA, AAA, endpoint security, DLP, application control .. etc).
- Knowledge with cloud technologies is a plus.
- CISSP, CISM, CRISC, CCDP, CCIE Security or other expert Security Certification is required.
