2 326 Data Security jobs in Bahrain

• Design, deploy, and manage comprehensive data security solutions, including encryption, tokenization, and key management systems.
• Implement and enforce data access control policies, role-based access control (RBAC), and privileged access management (PAM).
• Develop, configure, and fine-tune Data Loss Prevention (DLP) tools to monitor and prevent unauthorized data exfiltration.
• Lead security investigations into data breaches or potential security incidents, providing forensic analysis and remediation recommendations.
• Develop and maintain security architecture diagrams and documentation for data protection systems.
• Collaborate with software development teams to integrate security best practices into the software development lifecycle (SDLC).
• Stay current with emerging data security threats, vulnerabilities, and technologies, and adapt security strategies accordingly.
• Develop and deliver security awareness training for employees, focusing on data protection best practices.
• Ensure compliance with relevant data protection regulations (e.g., GDPR, CCPA, local laws).
• Mentor junior security engineers and contribute to the overall growth of the security team.
• Evaluate and recommend new security technologies and tools to enhance data security posture.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 7 years of progressive experience in data security engineering or a related information security role.
• Proven expertise in data encryption technologies, secure protocols, and access control mechanisms.
• Hands-on experience with DLP solutions, SIEM platforms, and vulnerability assessment tools.
• Strong understanding of cloud security principles (AWS, Azure, GCP) and how to secure data in cloud environments.
• Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
• Excellent analytical, problem-solving, and incident response skills.
• Exceptional communication and interpersonal skills, with the ability to effectively lead and collaborate in a remote environment.
• Relevant certifications such as CISSP, CISM, CompTIA Security+, GIAC certifications are highly desirable.
• Demonstrated leadership experience or strong potential for leading technical teams.
• Experience in regulated industries (e.g., finance, healthcare) is a plus.

Job purpose

• Overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.
• Responsible for the organization's data privacy and protection function to ensure compliance with various regulations and best practices.

2. Primary Duties Performed

• Develop and maintain the cybersecurity Risk Management Framework of the organization for addressing the overall approach for handling cybersecurity risks and managing them in a methodological manner.

• Evaluate employees' information security awareness and provide the necessary training whenever is needed.

• Conduct frequent reviews on Vulnerability Assessment and Penetration Testing (VAPT) and manage vulnerabilities.

• Define the necessary controls to ensure all regulatory requirements related to cybersecurity are met, designed effectively with clear documentation.

• Identify the critical assets of the organization and ensure implementation of risk identification and management strategies for these critical assets.
• To assess technology projects to ensure that cybersecurity is adequately addressed.
• Responsible to identifying and managing cybersecurity risk for all third-party technology engagements and all cloud computing engagements.
• Evaluates and recommends cybersecurity technologies and solutions.
• Review cybersecurity & Risk Management manual and recommend necessary updates.
• Act as Data Protection Officer to identify and evaluate the Company's data processing activities.
• Monitor data management procedures and compliance within the Company.
• Assess Company compliance with Data Protection Private Law.
• Provide advice and arrange training to employees on Data Protection.
• Review and recommend updates on Data Protection Manual.
• Serve as the point of contact between the company and the data protection authorities.
• Performs other related duties assigned by the department head.

3. Secondary Duties Performed

• Assist in implementing risk management framework, policies and programs covering business, financial, operational, technological, and regulatory risks.
• Assist in the development and management of controls and business contingency plans.
• Maintain and update organizational risk register.
• Oversee the regular validation and testing of the Company Business Continuity Plan.
• Review Risk Management manual and recommend necessary updates.

4. Work & Business Contacts

Internal

• Management team and staff.

External

• Regulatory Bodies: Central Bank of Bahrain and Personal Data Protection Authority.
• Law Firms and Legal Advisors.
• Internal and External Auditors.
• VAPT vendors.

Division / Department: Risk Management

Incumbent Reports to: Manager – Risk & Project Management

• Monitor security alerts and events from various security systems (SIEM, IDS/IPS, firewalls, etc.).
• Conduct vulnerability assessments and penetration testing to identify weaknesses.
• Investigate and respond to security incidents, including analyzing the scope, impact, and root cause.
• Develop and implement security policies, procedures, and best practices.
• Configure and maintain security tools and technologies.
• Provide recommendations for security enhancements and architectural improvements.
• Assist in developing and delivering security awareness training to employees.
• Stay current with emerging security threats, vulnerabilities, and technologies.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Document security incidents, investigations, and remediation efforts.
• Ensure compliance with relevant data protection regulations and standards.
• Participate in security audits and reviews.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2-4 years of experience in information security, cybersecurity operations, or a related role.
• Strong understanding of network protocols, operating systems (Windows, Linux), and cybersecurity concepts.
• Experience with security tools such as SIEM, firewalls, IDS/IPS, and endpoint protection.
• Knowledge of incident response frameworks and methodologies.
• Relevant certifications such as CompTIA Security+, CEH, or GIAC are a plus.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting abilities.
• Ability to work effectively both independently and as part of a team.
• Proactive approach to identifying and mitigating security risks.

• Monitoring security alerts and events from various security systems (SIEM, IDS/IPS, firewalls, etc.).
• Investigating security incidents, analyzing their impact, and recommending containment and eradication strategies.
• Conducting vulnerability assessments and penetration testing to identify security weaknesses.
• Implementing and managing security controls, policies, and procedures.
• Assisting in the development and maintenance of security awareness training programs for employees.
• Staying current with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
• Participating in security audits and ensuring compliance with relevant regulations and standards (e.g., ISO 27001, GDPR).
• Developing and maintaining security documentation, including incident response plans and security architecture diagrams.
• Collaborating with IT and other departments to ensure security is integrated into all aspects of the business.
• Providing technical support and guidance on security-related matters.
• Performing security reviews of applications and systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security analysis or a related role.
• Strong understanding of networking protocols, operating systems, and common security vulnerabilities.
• Hands-on experience with SIEM tools, firewalls, antivirus software, and other security technologies.
• Knowledge of incident response procedures and digital forensics is a plus.
• Relevant security certifications such as CompTIA Security+, CISSP, or CEH are highly desirable.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical issues to both technical and non-technical audiences.
• Ability to work independently and as part of a collaborative team.
• Proactive attitude towards identifying and mitigating security risks.

• Monitor security alerts and events from various security systems, including SIEM, IDS/IPS, firewalls, and endpoint protection solutions.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in the IT infrastructure.
• Respond to security incidents, investigate their root causes, and implement containment and remediation measures.
• Develop and maintain security policies, procedures, and standards to ensure compliance and best practices.
• Implement and manage security controls to protect systems, networks, and data from unauthorized access and malicious attacks.
• Conduct security awareness training for employees to foster a security-conscious culture.
• Stay abreast of the latest cybersecurity threats, vulnerabilities, and trends, and recommend appropriate countermeasures.
• Assist in the development and execution of disaster recovery and business continuity plans.
• Review and analyze security logs to detect suspicious activities and potential breaches.
• Collaborate with IT teams to ensure that security is integrated into all aspects of system design and implementation.
• Participate in security audits and compliance activities (e.g., ISO 27001, GDPR).

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4 years of experience in information security, cybersecurity operations, or a related IT security role.
• Strong understanding of network security principles, cybersecurity frameworks, and threat landscapes.
• Hands-on experience with security tools such as SIEM, firewalls, endpoint detection and response (EDR) solutions, and vulnerability scanners.
• Knowledge of common attack vectors and mitigation techniques.
• Excellent analytical, problem-solving, and incident response skills.
• Strong communication and interpersonal skills, with the ability to explain technical security concepts to non-technical audiences.
• Relevant certifications such as CompTIA Security+, CISSP, CEH are highly desirable.
• Ability to work effectively both independently and as part of a hybrid team.
• Experience with cloud security principles (e.g., AWS, Azure) is a plus.

• Monitor security alerts and events from various security tools, including SIEM, IDS/IPS, and firewalls.
• Conduct vulnerability assessments and penetration testing to identify and prioritize security weaknesses.
• Implement and manage security controls, such as access management, encryption, and endpoint security solutions.
• Develop and maintain security policies, procedures, and guidelines.
• Respond to and investigate security incidents, performing root cause analysis and recommending corrective actions.
• Perform regular security audits and compliance checks against relevant standards (e.g., ISO 27001, NIST).
• Provide security awareness training to employees.
• Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT teams to ensure security is integrated into system design and development.
• Assist in the development and execution of disaster recovery and business continuity plans.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in information security, cybersecurity operations, or a similar role.
• Strong understanding of security principles, frameworks, and best practices.
• Experience with security tools such as SIEM, vulnerability scanners, and firewalls.
• Knowledge of network security, application security, and cloud security.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Relevant security certifications such as CISSP, CompTIA Security+, or CEH are a plus.
• Ability to work effectively in a hybrid work environment.