Careers

We are looking for a Senior Security Architect for Infrastructure as a Service (IaaS) area with below Job Description.
Can you please share relevant profiles for the same?

Education & Certifications

• Master or Bachelor’s degree in computer science, information systems management or related field
• CISSP, CEH, OSCP, OSCE or others

Experience

• 10 years of experience in information technology where mostly spent in infrastructure security architecture and engineering
• Experienced in different infrastructure technologies, tools and trends covering IaaS, PaaS, Virtualization, Containers, Storage and Network related areas
• Experienced in defining security baseline standards, best practices and security controls for various infrastructure technologies
• Experienced in Linux and Windows with various open source technologies

Skills

• Comprehensive knowledge of infrastructure technologies, virtualization, operating systems, exchange, active directory, storage, database and networks
• Should be able to define foundational security requirements for IaC, Ansible, Terraform, Kubviet, Kubernetes, OVM, OpenSource DB etc
• Should be able to provide security requirements for wide variety of tools used in achieving automation like Jenkins, GIT, Nexus etc
• Have worked with key security solutions and tools like Vault, PAM, SIEM, WAF, Firewall, IPS, IDS, DLP, PKI etc
• Perform Penetration Testing/Exploitation
• Secure Code Reviews
• Security Automation using Scripting
• Strong Risk assessment skills
• Strong coding and scripting skills
• Knowledge of programming languages like .NET, Java, NodeJS, Angular JS, and secure coding practices
• Knowledge of different cloud deployment models and cloud taxonomies
• Knowledge of ITSM and related tools

Soft Skills

• Decision Maker
• Planning skills
• Time Management
• Autonomous
• Positive & Constructive Attitude
• Analytical thinking
• Eye for detail
• Competent and committed
• Innovator/Out of the box thinker
• Collaborative
• Superior Communication skills (both Business & Technical)
• Adaptive – pitches the message based on the audience
• Assertive – needs to influence and enforce security in teams and squads
• Deep knowledge of Agile way of working – Scrum/Kanban
• Stakeholder Management skills
• Influencer

Location – Kingdom of Saudi Arabia
Reporting to – Manager - Validation
Travel Requirement – Mostly within KSA, maybe required to visit other GCC countries

Responsibilities

• Developing, maintaining, enforcing some Information security standards, procedures in line with ISO 27001 standards, COBIT, ITIL and PCI-DSS and other similar standards
• Conduct operational and process reviews in compliance to ISO27001 standards or others such as Cobit, NIST, ISO 20000, ISO 22301
• Provide pre-sales support in form of technical/requirement study of RFPs, writing up proposals, delivering presentation to customers, scoping and doing effort estimations
• Develop Information security policies and procedures
• Help clients in achieving ISO 27001, ISO 22301, ISO 20000 certifications
• Project management experience in managing audit & compliance projects with security standards implementation such as ISO 27001, ISO 20000, ISO 22301 etc., internal and external Audit finding remediation, etc.
• Achieve assigned consulting sales targets, both locally and regionally through developing business with existing customers & New Customers.
• Evaluating, reviewing and recommending and setting baselines within the assigned area of focus.
• Assist in maintaining frameworks for security risk management and business continuity
• Should have good experience in writing non-compliance reports, good documenting skills and presentation skills
• Providing expert security involvement in the lifecycle of business and infrastructure projects including architecture reviews, application design, disaster recovery and vulnerability scanning.
• Act as a subject matter expert in security policies and procedures, network assessments, security health checks, incident response, application security, security compliance assessments and business partner assessments and management strategies.
• Work closely with Senior Information Security Professionals, clients and offer management oversight for other consultants.
• Must be able to manage all aspects of an engagement lifecycle, including such items as requirements definition, data collection, report writing, client status reporting through final presentation of engagement deliverables.
• The position is expected to serve as mentor to other colleagues and consultants.

Requirements

• A bachelor's degree or a PG in Information Systems/Computer Science or relevant field
• Previous experience as an Information Security Specialist, Information Security Consultant or ISO Security standards implementation specialist
• Proven track record of providing security consulting services such as vulnerability assessments, risk assessment, information systems security audit and ISO27001/20000/22301 Consultancy
• Familiarity with various operating systems, database and applications
• Good knowledge of PCI-DSS, ISO 27001/20000/22301 standards, Information Security Framework.
• Information Security/Assurance certification such as CISSP/ CISA /CISM /GIAC / CRISC / CBCP are a definite advantage
• Excellent oral and written communication skills with ability to interact with all levels in the organization.
• At least 5 to 10 years of relevant experience in consultancy
• Should have good experience in report writing & documenting skills
• Ability to multitask many issues at once and to make sure that projects are completed on time and with the agreed quality.
• Strong client relationship building/ interpersonal skills and communication skills
• Should have experience in doing presentations, demonstrations, conducting evaluations, preparing proposals, responding to RFPs, Tenders, etc.
• Willing to travel
• Must be fluent in English and preferably Arabic

Location – Dubai, UAE
Reporting to – Manager - Validation
Travel Requirement – Middle East, Turkey & South Africa

Roles & Responsibilities

• Be able to recognize compelling reasons for clients and prospects to act upon these requirements, and in turn be able to communicate how to persuasively articulate how an eGRC solution can best meet these requirements.
• Be capable of presenting and articulating the differentiated value of IBM OpenPages eGRC solutions compared to competitors in the market.
• The capability to configure the OpenPages solution so as to enable customers to achieve a rapid time-to-value and, once implemented, to adapt the solution over time as the risk framework evolves in response to changing regulatory, competitive and internal operating environments.
• This role requires consulting skills, business knowledge, and eGRC solution expertise to effectively integrate technology into the client's business environment in order to achieve client expected business results
• Progress pre-sales opportunities to closure
• Work with channel partners across the META region to identify & progress opportunities
• An outstanding ability to understand business problems and articulate a corresponding solution based on eGRC solutions.
• Mentor, train and develop knowledge within the team on eGRC
• Manage deployment teams and consultants delivering on projects
• Maybe required to assist in Information Security Consulting projects by managing and reviewing deliverables & project management

Requirements

• Bachelor's Degree
• Master's Degree in Business/Management or Finance preferred
• Minimum of 5 years' experience in complex Enterprise Software Sales
• Minimum of 3 years' experience in Governance, Compliance & Risk, or Finance
• Readiness to travel 70% annually
• English: Fluent, Arabic is an advantage

Location – Dubai, UAE
Reporting to – Manager - Validation
Travel Requirement – required to visit and be located in GCC countries

Roles & Responsibilities

• Developing, maintaining, enforcing some Information security standards, procedures in line with ISO 27001 standards, COBIT, ITIL and PCI-DSS and other similar standards
• Conduct operational and process reviews in compliance to ISO27001 standards or others such as Cobit, NIST, ISO 20000, ISO 22301
• Develop Information security policies and procedures
• Help clients in achieving ISO 27001, ISO 22301, ISO 20000 certifications
• Experience in managing audit & compliance projects with security standards implementation such as ISO 27001/ ISO 20000/ ISO 22301 etc., internal and external Audit finding remediation, etc.
• Evaluating, reviewing and recommending and setting baselines within the assigned area of focus.
• Assist in maintaining frameworks for security risk management and business continuity
• Should have good experience in writing non-compliance reports, good documenting skills and presentation skills
• Providing expert security involvement in the lifecycle of business and infrastructure projects including architecture reviews, application design, disaster recovery and vulnerability scanning.
• Act as a subject matter expert in security policies and procedures, network assessments, security health checks, incident response, application security, security compliance assessments and business partner assessments and management strategies.
• Work closely with Senior Information Security Professionals, clients and offer management oversight for other consultants.
• Must be able to manage all aspects of an engagement lifecycle, including such items as requirements definition, data collection, report writing, client status reporting through final presentation of engagement deliverables.

Requirements

• A bachelor's degree or a PG in Information Systems/Computer Science or relevant field
• Previous experience as an Information Security Specialist, Information Security Consultant or ISO Security standards implementation specialist
• Proven track record of providing security consulting services such as vulnerability assessments, risk assessment, information systems security audit and ISO27001/20000/22301 Consultancy
• Familiarity with various operating systems, database and applications
• Good knowledge of PCI-DSS, ISO 27001/20000/22301 standards, Information Security Framework.
• Information Security/Assurance certification such as CISSP/ CISA /CISM /GIAC / CRISC / CBCP are a definite advantage
• Excellent oral and written communication skills with ability to interact with all levels in the organization.
• At least 3 to 5 years of relevant experience in consultancy
• Should have good experience in report writing & documenting skills
• Ability to multitask many issues at once and to make sure that projects are completed on time and with the agreed quality.
• Strong client relationship building/ interpersonal skills and communication skills
• Willing to travel
• Must be fluent in English and preferably Arabic