Information Systems Security Engineer for Manama, Bahrain

Title: Information Systems Security Engineer

Reporting to: CEO

Working Location: Manama, Bahrain

Objective:

We are seeking a qualified Security Engineer to join our innovative, high-energy Engineering team at Bahrain. This candidate will be an innovative and forward-thinking individual who possess in-depth knowledge and will be identifying Information Security risks, provide recommendations for threat mitigation, and help raise the security bar working with various stakeholders. Your ability to see the big picture and influence others will help drive the implementation of security solutions. You will be working together and providing leadership to our engineers and the organization to develop and implement security policies and procedures. If you're passionate about protecting information without impeding productivity, we would like to meet you.

Roles and Responsibilities:

• As an Information Systems Security Engineer, you'll provide guidance and collaborate with internal teams to create and instrument data and software policies, procedures and standards across the company spanning all departments: Quality Assurance, Development, Support, Professional Services and Information Technology.
• Data Security: Responsible for data access controls, data loss prevention, data encryption and key management, data privacy and enforcing regulatory requirements and data access audits.
• IT Access Management: Create and implement the policies, tools, and activities that promote permission-based access to information, identity verification, user personal information protection and role management. Ensuring all personnel have access to the IT systems limited by need and role.
• Liaise with product management team to plan new product features ensuring they are secure by design.
• Establishing disaster recovery procedures and conducting breach of security drills.
• Promptly responding to all security incidents and providing thorough post-event analyses.
• Stay up-to-date with new technology trends in the information security domain.

Requirements:

• 10+ years relevant experience in software development, systems, network and application security engineering and handling security in web and cloud deployments.
• Well versed in application security, infrastructure security, business risk analysis and making complex business/risk trade-off recommendations and decisions.
• Knowledge of banking, financial industry, regulations about data (GDPR) and information security standards like ISO/IEC 27001 / 27002, etc.
• Hands-on knowledge of security design review, threat modelling, risk analysis and software testing techniques.
• Familiarity with common attack patterns, exploitation techniques and remediation techniques.
• Information Security audits experience, conducting security awareness sessions.
• Solid understanding of security protocols, cryptography, authentication and authorisation.
• Good working knowledge of current IT risks and experience implementing security solutions.
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
• Excellent written and verbal communication skills as well as business acumen.

Preferred Candidates:

• The successful candidate will have a self-motivated, get-it-done attitude; strong problem-solving ability & analytical skills; the ability to think critically; enjoy working with teams spread globally and across cultures; a desire to learn in new areas; and the discipline to pay attention to deadlines, details and quality.
• BE Computer Science or Information Technology or equivalent with a software industry experience of 10 years min.
• Information security professional certifications preferred (SANS GIAC, CISSP, CISM, SABSA, etc.).

Baba Bharath Kumar
b.bharathkumar@01systems.net