Sr. Info. Security Analyst
Heliopolis, Cairo, Egypt
Full Time
Information Security
Senior Executive
Job Summary
The Sr. Information Security Analyst supports the organization’s overall Information Security, including Cybersecurity posture and culture. The Sr. Information Security Analyst will require both strong technical and interpersonal skills to effectively analyze information systems, research and validate alerts, and operate security tools for monitoring the MTS environment. In this hands-on role, the incumbent must make well-executed judgments in developing and deploying solutions as part of Application Security. This individual will be required to coordinate with members of other internal IT teams, service vendors, and stakeholder groups to ensure the efficient, timely delivery of security recommendations.
Responsibilities
Qualifications
The Sr. Information Security Analyst supports the organization’s overall Information Security, including Cybersecurity posture and culture. The Sr. Information Security Analyst will require both strong technical and interpersonal skills to effectively analyze information systems, research and validate alerts, and operate security tools for monitoring the MTS environment. In this hands-on role, the incumbent must make well-executed judgments in developing and deploying solutions as part of Application Security. This individual will be required to coordinate with members of other internal IT teams, service vendors, and stakeholder groups to ensure the efficient, timely delivery of security recommendations.
Responsibilities
- Evaluate/assess Application Security Architecture and suggest recommendations. Provide best practices.
- Prepare Threat Models for Application security and recommend mitigations.
- Support the administration of local and vendor-managed security solutions for the MTS environment.
- Analyze security threats, vulnerability assessments, and audit results to recommend security solutions that enable business objectives.
- Work with Application Engineering teams to ensure public access applications are designed and implemented with necessary security controls.
- Work with the Application Engineering teams to ensure Static Application Security Testing is performed as part of CI/CD. Provide guidance on remediation.
- Conduct Dynamic Application Security Testing. Review findings and engage Application Engineering teams for remediation.
- Provide security information assurance subject matter expertise support throughout the SDLC.
- Review and improve Access Management & Controls.
- Collaborate with other teams to support response efforts to security-related findings or concerns.
- Report on incident response metrics and provide assessment reports.
- Continuously improve the organization’s security stance and framework.
- Help to develop and maintain Security Best Practices manual/portal.
- Assist with the organization’s security awareness training program.
- Recommend and participate in the design and implementation of policies, procedures, standards, tools, and methodologies.
- Work with Security Operations Center to analyze and respond to alerts from automated logging, monitoring tools. Review and update the incident response and disaster recovery plans as needed
- Maintain up-to-date knowledge of the Information security industry, including awareness of new or revised security solutions and improved security processes.
- Keep a keen watch for new vulnerabilities and exploits and execute documented incident response procedures to deal with them.
Qualifications
- 5-7 years of experience working in IT, and
- 5-7 years of experience in Information Security.
- Familiar with OWASP Top 10.
- Familiar with Threat Modeling tools/process.
- Familiar with SAST and DAST tools/processes.
- Familiar with Identity and Access Management, IGA, and PAM.
- Familiar with DevSecOps, CI/CD.
- Familiar with security best practices of IT networks.
- Familiar with security best practices of public or private clouds.
- Familiar with NIST SP 800-53, CSF.
- Experience managing security service providers to complete regular duties.
- Experience leading other team members.
- Strong knowledge of industry standards and best practices for Information Security
- Ability to set and manage priorities judiciously
- Excellent written and oral communication skills
- High Emotional Intelligence (interpersonal skills)
- B.S. degree in Computer Science or related technical discipline or any other college discipline with additional 2 years of Information Security experience and CISSP certification.
- Certifications such as CISSP, GCIH, OSCP, ISO 27001 LA are highly desirable.
Apply for this position
Required*