عربي
Search Search Search

 

CSR

 

Fuel Prices

 

Tenders

 

  • Products and Services
  • Fuel Prices
  • Tenders
Call Center
40217777
Toll Free Number
800-3835 800-FUEL

Job Application

​​​​​​​​​​​​​​​​​​​​​​​​​​​​

 

 

Information Security Assurance AnalystInformation Technologyتكنولوجيا المعلوماتInformation Security Assurance AnalystInformation Security Assurance Analyst5/30/2020 9:00:00 PM<p><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Qualifications:</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Bachelor's degree in Computer Engineering or IT</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;"><strong>Experience:</strong></span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">5-7 years of experience in IT Security including mandatory 4+ years of experience in GRC</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">BS/MS in Computer Science (or relevant work experience)</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Proven experience architecting and implementing large-scale, enterprise wide GRC solutions.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Security certification desired ITIL, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified in the Governance of Enterprise IT (CGEIT)</span></p><p><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;"><strong>Skills:</strong></strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Demonstrated understanding of real-world application of (ISO/IEC) 17799:2005(E) standards, COBIT and RISK IT frameworks and PCI-DSS requirements.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Support GRC Lead and manage adherence to access controls and process controls framework for the WOQOD</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Experience with one or more of the following tools: RSA Archer, SAP GRC. </span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Ability to clearly communicate with technical and non-technical stakeholders is a must, in order to translate technical jargon into business related decisions for management and clients, and business objectives into technical solutions.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Special emphasis is placed on demonstrated knowledge in the areas of risk assessment, strong understandings of secure communications, secure data storage, secure systems development, secure systems deployment and documentation.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Understanding of GRC concepts and best practices</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Proficiency in design & development of GRC solutions</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Enterprise Risk Management</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Business Continuity Management</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">IT Security Management</span></p><p>​<strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Qualifications:</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Bachelor's degree in Computer Engineering or IT</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;"><strong>Experience:</strong></span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">5-7 years of experience in IT Security including mandatory 4+ years of experience in GRC</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">BS/MS in Computer Science (or relevant work experience)</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Proven experience architecting and implementing large-scale, enterprise wide GRC solutions.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Security certification desired ITIL, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified in the Governance of Enterprise IT (CGEIT)</span></p><p><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;"><strong>Skills:</strong></strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Demonstrated understanding of real-world application of (ISO/IEC) 17799:2005(E) standards, COBIT and RISK IT frameworks and PCI-DSS requirements.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Support GRC Lead and manage adherence to access controls and process controls framework for the WOQOD</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Experience with one or more of the following tools: RSA Archer, SAP GRC. </span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Ability to clearly communicate with technical and non-technical stakeholders is a must, in order to translate technical jargon into business related decisions for management and clients, and business objectives into technical solutions.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Special emphasis is placed on demonstrated knowledge in the areas of risk assessment, strong understandings of secure communications, secure data storage, secure systems development, secure systems deployment and documentation.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Understanding of GRC concepts and best practices</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Proficiency in design & development of GRC solutions</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Enterprise Risk Management</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Business Continuity Management</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">IT Security Management</span></p><p><span style="font-size:10.5pt;">​<span lang="EN-GB" style="line-height:107%;font-family:"arial",sans-serif;"><strong><font color="#000000">JOB OBJECTIVE</font></strong></span>:</span></p><p><span style="line-height:107%;font-family:"arial",sans-serif;font-size:10pt;"><font color="#000000">To conduct ongoing security monitoring for applications running on Woqod’s IT systems as per<span>  </span>the established guidelines and procedures; assess risks to IT security, and proactively highlight non conformances<span>   </span>to facilitate the development of a secure IT environment across Woqod.</font></span></p><p><span class="ms-rteThemeForeColor-2-5" lang="EN-GB" style="line-height:107%;font-family:arial;font-size:10.5pt;"><strong>Description</strong></span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Security Policies & Procedures</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Implement relevant security protocols for all new applications & systems installed at woqod to ensure compliance to the security policies & procedures; effective integration & consistency with the existing protocols.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Develop and maintain IS policy, standards, procedures and guidelines to support the organizations' information security program.</span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Inspection of Security Breaches</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Review violations of applications security procedures and discuss procedures with violators to ensure violations are not repeated; escalate the case in case of a high level security breach or violation to the IT Security Head so that proper action can be taken</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Good knowledge and understanding of security software / tools, such as Antivirus, SIEM, DLP, MDM, IDAM, PIM, MFA, NAC and data encryption etc., to protect organizational information</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Analyze logs to identify attack trends.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Review in-house and 3rd-party applications/code for security vulnerabilities and best practices.</span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">GRC Activities</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Conduct information security risk assessments by following the Woqod internal risk assessment methodology and template.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Day to day evaluation of adherence to Woqod internal information security controls.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Identify weaknesses in the in place operational processes, systems and network and escalating these observations for management prioritization.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Promote information security awareness by providing hands on training and mentoring in the areas of GRC.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Work with a multi discipline team to create a solid information technology infrastructure and collaborate with teams to ensure that the relevant policies and procedures are implemented</span></p><p>​<span style="font-size:10.5pt;"><span lang="EN-GB" style="line-height:107%;font-family:"arial",sans-serif;"><strong><font color="#000000">JOB OBJECTIVE</font></strong></span>:</span></p><p><span style="line-height:107%;font-family:"arial",sans-serif;font-size:10pt;"><font color="#000000">To conduct ongoing security monitoring for applications running on Woqod’s IT systems as per<span>  </span>the established guidelines and procedures; assess risks to IT security, and proactively highlight non conformances<span>   </span>to facilitate the development of a secure IT environment across Woqod.</font></span></p><p><span class="ms-rteThemeForeColor-2-5" lang="EN-GB" style="line-height:107%;font-family:arial;font-size:10.5pt;"><strong>Description</strong></span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Security Policies & Procedures</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Implement relevant security protocols for all new applications & systems installed at woqod to ensure compliance to the security policies & procedures; effective integration & consistency with the existing protocols.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Develop and maintain IS policy, standards, procedures and guidelines to support the organizations' information security program.</span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">Inspection of Security Breaches</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Review violations of applications security procedures and discuss procedures with violators to ensure violations are not repeated; escalate the case in case of a high level security breach or violation to the IT Security Head so that proper action can be taken</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Good knowledge and understanding of security software / tools, such as Antivirus, SIEM, DLP, MDM, IDAM, PIM, MFA, NAC and data encryption etc., to protect organizational information</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Analyze logs to identify attack trends.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Review in-house and 3rd-party applications/code for security vulnerabilities and best practices.</span></p><p style="text-align:justify;"><strong class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10.5pt;">GRC Activities</strong></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Conduct information security risk assessments by following the Woqod internal risk assessment methodology and template.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Day to day evaluation of adherence to Woqod internal information security controls.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Identify weaknesses in the in place operational processes, systems and network and escalating these observations for management prioritization.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Promote information security awareness by providing hands on training and mentoring in the areas of GRC.</span></p><p><span class="ms-rteThemeForeColor-2-5" style="font-family:arial;font-size:10pt;">Work with a multi discipline team to create a solid information technology infrastructure and collaborate with teams to ensure that the relevant policies and procedures are implemented</span></p>

Back to Vacancies Page >> ​​​​​​​​​​​

This job has been closed.

 

x
Refine