80 Cloud Security jobs in Bahrain

• Design, implement, and manage cloud security solutions to protect against advanced threats.
• Develop and maintain security policies, standards, and procedures for cloud environments.
• Conduct regular security assessments, vulnerability scans, and penetration testing for cloud infrastructure.
• Monitor cloud security logs and alerts using SIEM and other security tools to detect and respond to potential breaches.
• Lead incident response activities for cloud-based security incidents, including containment, eradication, and recovery.
• Implement and manage identity and access management (IAM) controls in cloud platforms.
• Ensure compliance with relevant industry regulations and standards (e.g., ISO 27001, SOC 2, GDPR) for cloud deployments.
• Collaborate with cloud engineering and development teams to integrate security best practices into the DevOps lifecycle (DevSecOps).
• Develop and deliver security awareness training for employees on cloud security best practices.
• Evaluate and recommend new security technologies and tools to enhance cloud security posture.
• Perform threat modeling and risk assessments for new cloud initiatives.
• Manage security configurations of cloud services, ensuring adherence to hardening guidelines.
• Contribute to the continuous improvement of the organization's overall cybersecurity strategy.
• Stay current with emerging cloud security threats and technologies.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, with at least 3 years focused on cloud security.
• Hands-on experience with major cloud platforms (AWS, Azure, GCP) and their security services.
• Proficiency in security tools such as SIEM, vulnerability scanners, IDS/IPS, and endpoint detection and response (EDR).
• Strong understanding of networking concepts, firewalls, VPNs, and encryption.
• Knowledge of security frameworks and compliance standards.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills, with the ability to work effectively with technical and non-technical teams.
• Relevant security certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or Azure Security Engineer are highly desirable.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.

The Information Security Specialist supports the Head of Information Security and Business Continuity in safeguarding the bank’s critical information assets and ensuring the resilience of its operations. This role is responsible for implementing and maintaining comprehensive information security measures, business continuity plans, and disaster recovery strategies that protect the bank’s systems, data, and services from cybersecurity threats and operational disruptions.

The Specialist will contribute to the bank's proactive risk management approach by identifying vulnerabilities, responding to incidents, ensuring regulatory compliance, and leading initiatives to enhance business continuity. In addition, this role involves coordinating BCP and DR activities, conducting regular testing, and ensuring the organization’s preparedness for crises or emergencies.

Reporting directly to the Head of Information Security and Business Continuity, the Specialist will collaborate closely with IT and other departments and business units to integrate security and business continuity frameworks into the bank’s operational processes, supporting a secure and resilient environment that enables the bank to achieve its strategic objectives.

Responsibilities of the role:

Information Security:

• Develop, implement, and maintain information security policies, procedures, and standards in alignment with PCI-DSS and regulatory requirements.
• Monitor, analyze, and respond to security incidents, vulnerabilities, and threats across the bank’s IT systems and networks
• Conduct periodic risk assessments and gap analyses to identify security weaknesses and develop mitigation strategies
• Coordinate internal and external audits related to information security; ensure timely closure of audit findings
• Provide security awareness training to staff and promote a culture of information security
• Support secure configuration and change management processes across IT assets and infrastructure
• Work with IT and other departments to ensure security is embedded into system design and operational processes
• Stay up to date with current cyber threats and trends, and recommend appropriate risk mitigation measures

Business Continuity:

• Develop and maintain the bank’s business continuity management frameworks in line with the bank’s and regulatory guidelines
• Conduct business impact analyses (BIAs) and risk assessments across business units to identify critical functions and recovery priorities
• Lead the development, testing, and continuous improvement of BCP and DR plans to ensure organizational resilience.
• Coordinate with IT, facilities, and business teams to ensure recovery strategies are effective and practical.
• Conduct regular BCP/DR drills and exercises, and report findings with actionable recommendations.
• Liaise with regulatory bodies, auditors, and stakeholders to ensure compliance and readiness.
• Maintain documentation and evidence of BCM program activities and test results.

Areas of Knowledge, Qualification and Experience

• Atleast 5 years of experience working within a Banking Environment
• Bachelors Degree in Computer Science / Cyber Security background.
• Relevant certifications from ISC2, ISACA, SANS are highly preferred
• In-depth understanding of global information security standards (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls) and regulatory requirements (e.g., CBB, PCI-DSS). Ability to implement and manage these frameworks within a banking context.

This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.

1. Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
2. Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
3. Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
4. Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
5. Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
6. Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
7. Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
8. Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
9. Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
10. Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
11. Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.

Bachelor’s degree in information technology.

Certified Information Security Auditor (CISA) (Preferred)

3+ years of Information Security experience

1. Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
2. Ability to work effectively with all levels of personnel across the organization.
3. Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
4. Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
5. Ability to be flexible and work effectively with ambiguity and change.

• Develop, implement, and manage the organization's overall information security strategy and roadmap.
• Oversee the design, implementation, and maintenance of security controls and technologies to protect networks, systems, and data from threats.
• Lead and manage the information security team, providing guidance, mentorship, and performance management.
• Conduct regular risk assessments, identify potential security vulnerabilities, and implement mitigation strategies.
• Develop and manage the incident response plan, leading the team during security incidents and ensuring swift resolution.
• Ensure compliance with relevant data protection regulations, industry standards (e.g., ISO 27001, NIST), and corporate policies.
• Develop and deliver comprehensive security awareness training programs for all employees.
• Manage relationships with external security vendors and service providers.
• Oversee vulnerability management programs, penetration testing, and security audits.
• Review and approve security-related policies, procedures, and guidelines.
• Collaborate with IT, legal, and business units to integrate security considerations into all aspects of the organization.
• Monitor the threat landscape and proactively adapt security measures to emerging risks.
• Manage the information security budget and resources effectively.
• Contribute to the development of business continuity and disaster recovery plans from a security perspective.
• Stay informed about the latest cybersecurity threats, technologies, and best practices.

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field. Master's degree preferred.
• Minimum of 8 years of progressive experience in information security, with at least 3 years in a management or leadership role.
• Proven expertise in developing and executing cybersecurity strategies and programs.
• In-depth knowledge of cybersecurity frameworks (NIST, ISO 27001), risk management, and compliance.
• Strong experience in incident response, threat intelligence, and vulnerability management.
• Familiarity with network security, endpoint security, cloud security, and application security.
• Relevant security certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
• Excellent leadership, team management, and communication skills.
• Strong analytical, problem-solving, and strategic thinking abilities.
• Ability to effectively communicate security risks and strategies to executive leadership.

• Monitor security alerts and investigate potential security incidents, identifying and analyzing threats.
• Implement and maintain security controls, policies, and procedures to safeguard information assets.
• Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses.
• Develop and manage security awareness training programs for employees.
• Respond to security breaches, perform forensic analysis, and implement recovery measures.
• Manage and configure security tools and technologies, such as firewalls, intrusion detection systems, and antivirus software.
• Stay up-to-date with the latest cybersecurity threats, trends, and best practices.
• Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, GDPR).
• Collaborate with IT teams to implement secure system configurations and development practices.
• Prepare reports on security status, incident response activities, and risk assessments.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4 years of experience in information security, cybersecurity operations, or a related role.
• In-depth knowledge of cybersecurity principles, network security, and security technologies.
• Experience with security assessment tools and methodologies.
• Proficiency in security incident response and digital forensics.
• Understanding of common security vulnerabilities and their exploitation.
• Relevant certifications such as CISSP, CompTIA Security+, or CEH are highly desirable.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Ability to work under pressure and manage multiple priorities effectively.

• Monitoring network and system activity for security breaches and suspicious behavior.
• Implementing and maintaining security controls, such as firewalls, intrusion detection/prevention systems, and antivirus software.
• Conducting vulnerability assessments and penetration testing to identify and address security weaknesses.
• Developing and updating security policies, procedures, and guidelines.
• Responding to and investigating security incidents, including data breaches and malware outbreaks.
• Performing security awareness training for employees.
• Ensuring compliance with relevant data protection regulations and industry standards.
• Analyzing security logs and audit trails to detect potential threats.
• Collaborating with IT teams to implement security best practices across all systems.
• Managing and configuring security tools and technologies.
• Keeping abreast of the latest cybersecurity threats, trends, and technologies.
• Preparing regular reports on security posture and incident summaries for management.

• Monitor and analyze security logs and events to detect and respond to threats.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in systems and networks.
• Implement and manage security tools and technologies, including firewalls, intrusion detection/prevention systems, and antivirus software.
• Develop and enforce information security policies, procedures, and standards.
• Respond to security incidents, performing analysis, containment, eradication, and recovery.
• Manage security awareness training programs for employees.
• Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and trends.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Assist in developing and maintaining disaster recovery and business continuity plans.
• Perform security audits and ensure compliance with regulatory requirements.
• Evaluate and recommend new security technologies and solutions.
• Investigate security breaches and provide detailed incident reports.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3-5 years of experience in information security or a closely related IT role.
• Strong knowledge of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and best practices.
• Experience with security monitoring tools, SIEM systems, and vulnerability management tools.
• Understanding of network security, operating system security, and application security.
• Excellent analytical, problem-solving, and critical thinking skills.
• Proficiency in scripting languages (e.g., Python, PowerShell) is a plus.
• Relevant security certifications such as CompTIA Security+, CEH, CISSP are highly desirable.
• Strong communication and interpersonal skills.
• Ability to work effectively in a team and independently.
• Experience with cloud security concepts is advantageous.