108 Information Security jobs in Bahrain

Job purpose

• Overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.
• Responsible for the organization's data privacy and protection function to ensure compliance with various regulations and best practices.

2. Primary Duties Performed

• Develop and maintain the cybersecurity Risk Management Framework of the organization for addressing the overall approach for handling cybersecurity risks and managing them in a methodological manner.

• Evaluate employees' information security awareness and provide the necessary training whenever is needed.

• Conduct frequent reviews on Vulnerability Assessment and Penetration Testing (VAPT) and manage vulnerabilities.

• Define the necessary controls to ensure all regulatory requirements related to cybersecurity are met, designed effectively with clear documentation.

• Identify the critical assets of the organization and ensure implementation of risk identification and management strategies for these critical assets.
• To assess technology projects to ensure that cybersecurity is adequately addressed.
• Responsible to identifying and managing cybersecurity risk for all third-party technology engagements and all cloud computing engagements.
• Evaluates and recommends cybersecurity technologies and solutions.
• Review cybersecurity & Risk Management manual and recommend necessary updates.
• Act as Data Protection Officer to identify and evaluate the Company's data processing activities.
• Monitor data management procedures and compliance within the Company.
• Assess Company compliance with Data Protection Private Law.
• Provide advice and arrange training to employees on Data Protection.
• Review and recommend updates on Data Protection Manual.
• Serve as the point of contact between the company and the data protection authorities.
• Performs other related duties assigned by the department head.

3. Secondary Duties Performed

• Assist in implementing risk management framework, policies and programs covering business, financial, operational, technological, and regulatory risks.
• Assist in the development and management of controls and business contingency plans.
• Maintain and update organizational risk register.
• Oversee the regular validation and testing of the Company Business Continuity Plan.
• Review Risk Management manual and recommend necessary updates.

4. Work & Business Contacts

Internal

• Management team and staff.

External

• Regulatory Bodies: Central Bank of Bahrain and Personal Data Protection Authority.
• Law Firms and Legal Advisors.
• Internal and External Auditors.
• VAPT vendors.

Division / Department: Risk Management

Incumbent Reports to: Manager – Risk & Project Management

The Information Security Specialist supports the Head of Information Security and Business Continuity in safeguarding the bank’s critical information assets and ensuring the resilience of its operations. This role is responsible for implementing and maintaining comprehensive information security measures, business continuity plans, and disaster recovery strategies that protect the bank’s systems, data, and services from cybersecurity threats and operational disruptions.

The Specialist will contribute to the bank's proactive risk management approach by identifying vulnerabilities, responding to incidents, ensuring regulatory compliance, and leading initiatives to enhance business continuity. In addition, this role involves coordinating BCP and DR activities, conducting regular testing, and ensuring the organization’s preparedness for crises or emergencies.

Reporting directly to the Head of Information Security and Business Continuity, the Specialist will collaborate closely with IT and other departments and business units to integrate security and business continuity frameworks into the bank’s operational processes, supporting a secure and resilient environment that enables the bank to achieve its strategic objectives.

Responsibilities of the role:

Information Security:

• Develop, implement, and maintain information security policies, procedures, and standards in alignment with PCI-DSS and regulatory requirements.
• Monitor, analyze, and respond to security incidents, vulnerabilities, and threats across the bank’s IT systems and networks
• Conduct periodic risk assessments and gap analyses to identify security weaknesses and develop mitigation strategies
• Coordinate internal and external audits related to information security; ensure timely closure of audit findings
• Provide security awareness training to staff and promote a culture of information security
• Support secure configuration and change management processes across IT assets and infrastructure
• Work with IT and other departments to ensure security is embedded into system design and operational processes
• Stay up to date with current cyber threats and trends, and recommend appropriate risk mitigation measures

Business Continuity:

• Develop and maintain the bank’s business continuity management frameworks in line with the bank’s and regulatory guidelines
• Conduct business impact analyses (BIAs) and risk assessments across business units to identify critical functions and recovery priorities
• Lead the development, testing, and continuous improvement of BCP and DR plans to ensure organizational resilience.
• Coordinate with IT, facilities, and business teams to ensure recovery strategies are effective and practical.
• Conduct regular BCP/DR drills and exercises, and report findings with actionable recommendations.
• Liaise with regulatory bodies, auditors, and stakeholders to ensure compliance and readiness.
• Maintain documentation and evidence of BCM program activities and test results.

Areas of Knowledge, Qualification and Experience

• Atleast 5 years of experience working within a Banking Environment
• Bachelors Degree in Computer Science / Cyber Security background.
• Relevant certifications from ISC2, ISACA, SANS are highly preferred
• In-depth understanding of global information security standards (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls) and regulatory requirements (e.g., CBB, PCI-DSS). Ability to implement and manage these frameworks within a banking context.

VAM Systems is a Business Consulting, IT Solutions and Services company.

VAM Systems is currently looking for Security Architect for our Bahrain operations with the following skillsets & terms and conditions:

Years of Experience: 11-15 Years

Education Qualification: BE Computer Science and Engineering

Certifications required: CISSP, CCSP, CEH, CCNP, AWS, Azure, Java, Python, VB

Professional Training Required: Azure Solutions Architect, AWS Solution Architect, Secure Software Development and Programming.

Skills:

• Proficiency and working knowledge in technology stacks used in application development, especially secure application design.
• Depth knowledge of IT risks, cyber security, and computer operating software like Windows, Linux, and UNIX.
• In-depth knowledge in software design with the aid of programming languages like Python, Java, etc.
• Advanced understanding of security protocols, cryptography, and security.
• Understanding of network protocols, Source Code Reviews, and OWASP Top 10 security practices.
• In-depth knowledge of frameworks used in developing applications.
• Good understanding of security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation.
• Knowledge of DNS, security principles of routing, authentication, VPN, proxy services, and DDoS mitigation technology.
• Expertise in the architecture of information security systems.
• Good knowledge of IT Infrastructure, Cloud Technologies like AWS, Azure, and Information Security systems, specifically in architecture.

Job Responsibilities:

• Perform security analysis, develop robust security architecture, and integrate security solutions into the Bank's Group environment ensuring the confidentiality, integrity, and availability of the bank’s information.
• Develop security architecture for various Information Security control systems.
• Perform Information Security Risk Assessments of new IT systems, design and recommend security controls to mitigate risks, reassess and enhance security architecture as needed.
• Review security architecture of new technology solutions and business applications, assess security, and recommend security controls to address security risks.
• Research and recommend/implement the security standards, systems, and best practices.
• Review system security, recommend security controls, and implement enhancements.
• Manage information security projects/assignments.
• Evaluate and implement information security technologies and countermeasures against threats to information.
• Review technical service requests and technical changes raised by IT users for Information Security risks.
• Follow Security by Design methodology to assure end-to-end security.
• Develop security baseline for all IT assets, such as routers, firewalls, LANs, WANs, VPNs, and other network devices, and ensure efficacy.
• Provide security architectural guidance to IT Project Managers.
• Understand the risk and weakness in applications.
• Secure application design and architecture, and conduct application security testing.

Job Purpose

The Senior Security Architect will play a key role in building and maintaining IT security solutions and controls for the Bank across new and emerging domains, including Cloud and Innovation. The role will involve developing end-to-end security for Bank ABC and handling any technical problems that arise. The Senior Security Architect will identify IT threats and vulnerabilities, design and build robust security architectures and serve as the “security point person” for technical and business security concerns.
The job holder will be architecting and managing change and implementation with existing and new technologies, reusing when appropriate and implementing when required.
The job requires in-depth knowledge and hard skills (e.g. secure cloud architecture, cryptographic practices, protocols, network and platform security etc.) as well as strong soft skills (e.g. communication and presentation skills, stakeholder management) and a good amount of hands-on previous work experience demonstrating these.

Principal Responsibilities, Accountabilities and Deliverables of Role

Research & Planning:

• Plan, research and design robust enterprise-wide security architectures for any IT or business projects aligned with industry frameworks (e.g. SABSA, TOGAF, NIST, CSA, ISO 27001)
• Develop threat use cases / scenarios to clearly depict threats to security architecture.
• Aligning new security solutions with existing technologies and designing and planning integration.
• Lead and coordinate assessment of existing and target / implemented architecture.

• Prepare cost estimates and identify integration issues for solutions and architectures
• Develop and maintain security reference architectures and roadmaps

• Understanding of Security Engineering outputs and able to oversee and incorporate into security planning
• Able to incorporate security measures into the existing, resultant or target architecture.
• Collaborate with DevOps, Cloud, and IT teams to embed security into CI/CD pipelines and infrastructure (DevSecOps)

• Define and maintain technical security patterns for secure systems and applications
• Design high level and low-level security architecture to meet business and technical requirements
• Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
• Identify and reuse security solutions and consider integration with other tools when designing security solutions.

• Coordinating the installation of security solutions and managing the configuration of said solutions.
• Identifying opportunities to automate processes and activities and coordinating implementation of automation.
• Identifying gaps in architecture and addressing these gaps through defining security requirements based on threat landscape / assessment.

• Coordinate the testing of security solutions
• Conduct threat modelling, risk assessments, and security architecture reviews.

• Expert knowledge in cryptography and Cloud Security solutions and able to research and understand new solutions.
• Expert knowledge of, and hands on experience in, securing AWS, Azure and GCP.

• Define, implement and maintain corporate security policies and procedures
• Monitor issues / remediation activities to ensure gap closure to fulfil security control objectives and meet mandatory external requirements.
• Be informed of changes to industry best practices, changes in architecture (e.g. Cloud) and work with third parties, vendors and the wider bank to design relevant security controls.
• Coordinate with other members of Group IT, Cyber & Information Security, and end user departments to sustain appropriate technical and procedural controls to support the industry mandatory security objectives.

• Develop and own a security strategy and deliver end-to-end including planning and roadmap development.

• Support incident response and security operations by providing architectural insights.

• Design and develop high level security architecture documents.
• Develop architecture patterns to address multiple / differing use cases.
• Develop and enhance Architecture Building Blocks (ABBs) and Solution Building Blocks (SBBs) and design architectures mapping to these building blocks
• Write comprehensive reports including documenting existing architecture and defining baseline and target architecture in terms of components, integration and capabilities, and aligning with business requirements.
• Prepare and document standard operating procedures and protocols.
• Prepare technical and business architecture documentation, as per the defined frequency, and keep it in a clear way to support the Bank and ensure it remains compliant all year round.
• Work in a team environment to educate and analyse security architectures and help develop other activities for reviewing and monitoring mandatory security controls.

• Will be the Product Owner, supporting the senior security architect in Product Owner responsibilities regarding specific security tools under the remit of the team.
• Will be the Product Owner for Microsoft security solutions with hand-on experience of MS Purview, Azure, AWS Security stack and security solutions, ensuring correct configuration, issues identified and resolved, develop processes/procedures and follow up on alerts
• Will be the Product Owner for HSM solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (key life cycle management)
• Will be the Product Owner for Microsoft AIP solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (classification labelling, handling DLP alerts)
• Will be the Product Owner for Bluecoat proxy / Fireglass solution, ensuring correct configuration, issues identified and resolved, define policies, develop processes/procedures and manage associated activities.

• Product Ownership & Collaboration :
  • Support the Senior Security Architect as the Product Owner for specific security tools within the team’s domain.
• Microsoft Security Solutions :
  • Serve as the Product Owner with expertise in:
    • MS Purview ,Azure Cloud, Active Directory ,Defender , O365 Security andMicrosoft AIP solutions
    • Ensure proper configuration and timely resolution of issues
    • Develop and implement effective processes and procedures
    • Good knowledge of activities and solving challenges relating to classification, labeling, and handling Data Loss Prevention (DLP)
    • Continuously monitor and follow up on security alerts
• HSM Solution Management :
  • Oversee the Hardware Security Module (HSM) as Product Owner:
    • Ensure accurate configuration
    • Identify and resolve issues efficiently
    • Develop and manage processes and procedures
    • Responsible for key lifecycle management

• Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services

• Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
• Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
• Deep knowledge of network, application, cloud and data security best practices
• Understanding of architecture frameworks (e.g. TOGAF, SABSA)
• Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
• Detailed technical knowledge of operating system and Cloud CIS baseline
• Good knowledge of low-level and high-level security architecture design and development
• Good understanding of security design patterns
• Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
• Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management

• University degree with an IT and / or Cyber Security background

• Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).
• Desirable Certifications: GIAC Defensible Security Architecture

• At least 8 years of work experience
• 3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
• Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
• Experience in working with cryptographic solutions (e.g. HSM)
• Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
• Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
• Experience in securing APIs, containers and microservices
• Experience with network security and networking technologies and with system, security, and network monitoring tools
• Recent, full-time working experience with financial institutions
• Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.

• Strong team player
• Fluent in English (mandatory)
• Ability to organise and prioritise tasks
• Able to conduct the role with minimum supervision
• Strong communication skills capable of dealing with wide range of internal and external stakeholders articulating security risks in business-friendly terms.

Get AI-powered advice on this job and more exclusive features.

VAM Systems is currently looking for a Security Architect for our Bahrain operations with the following skillsets & terms and conditions:

• Years of Experience : 7-10 Years
• Education Qualification : BE in Computer Science and Engineering
• Certifications required : CISSP, CCSP, CEH, CCNP, AWS, Azure, Java, Python, VB
• Professional Training Required : Azure Solutions Architect, AWS Solution Architect, Secure Software Development and Programming

• Proficiency and working knowledge in technology stacks used in application development, Web applications, especially secure application design.
• Deep knowledge of IT risks, cyber security, and operating systems like Windows, Linux, UNIX.
• In-depth knowledge of software design using programming languages like Python, Java, etc.
• Advanced understanding of security protocols, cryptography, and security measures.
• Understanding of network protocols, Source Code Reviews, and OWASP Top 10 security practices.
• Knowledge of frameworks used in application development.
• Good understanding of security measures such as firewalls, IDS/IPS, network access controls, and segmentation.
• Knowledge of DNS, routing security principles, VPN, proxy services, and DDoS mitigation.
• Expertise in information security architecture and project management.
• Good knowledge of IT Infrastructure, Cloud Technologies like AWS, Azure, and Security systems architecture.

• Perform security analysis, develop security architecture, and implement security solutions to ensure confidentiality, integrity, and availability of information.
• Develop security architecture for various security control systems.
• Conduct security risk assessments of new IT systems, design security controls, and improve security architecture.
• Review and recommend security controls for new technology solutions and applications.
• Research and implement security standards and best practices.
• Review system security, recommend and implement security enhancements.
• Manage security projects and evaluate security technologies.
• Review security requests and changes for risks.
• Follow Security by Design principles.
• Develop security baselines for all IT assets and ensure their efficacy.
• Provide security guidance to IT project managers.
• Identify application vulnerabilities and conduct security testing.

Bank

Joining time frame: 15-30 Days

• Executive

• Full-time

• Information Technology

• IT Services and IT Consulting

Referrals can increase your chances of interviewing at VAM Systems by 2x.

Get notified about new Security Architect jobs in Manama, Capital Governorate, Bahrain .

Bachelor of Technology/Engineering(Computers)

Nationality

Any Nationality

Vacancy

1 Vacancy

Job Description

Job Purpose

The Senior Security Architect will play a key role in building and maintaining IT security solutions and controls for the Bank across new and emerging domains, including Cloud and Innovation. The role will involve developing end-to-end security for Bank ABC and handling any technical problems that arise. The Senior Security Architect will identify IT threats and vulnerabilities, design and build robust security architectures and serve as the security point person for technical and business security concerns.
The job holder will be architecting and managing change and implementation with existing and new technologies, reusing when appropriate and implementing when required.
The job requires in-depth knowledge and hard skills (e.g. secure cloud architecture, cryptographic practices, protocols, network and platform security etc.) as well as strong soft skills (e.g. communication and presentation skills, stakeholder management) and a good amount of hands-on previous work experience demonstrating these.

Principal Responsibilities, Accountabilities and Deliverables of Role

Research & Planning:

• Plan, research and design robust enterprise-wide security architectures for any IT or business projects aligned with industry frameworks (e.g. SABSA, TOGAF, NIST, CSA, ISO 27001)
• Develop threat use cases / scenarios to clearly depict threats to security architecture.
• Aligning new security solutions with existing technologies and designing and planning integration.
• Lead and coordinate assessment of existing and target / implemented architecture.

• Prepare cost estimates and identify integration issues for solutions and architectures
• Develop and maintain security reference architectures and roadmaps

• Understanding of Security Engineering outputs and able to oversee and incorporate into security planning
• Able to incorporate security measures into the existing, resultant or target architecture.
• Collaborate with DevOps, Cloud, and IT teams to embed security into CI/CD pipelines and infrastructure (DevSecOps)

• Define and maintain technical security patterns for secure systems and applications
• Design high level and low-level security architecture to meet business and technical requirements
• Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
• Identify and reuse security solutions and consider integration with other tools when designing security solutions.

• Product Ownership & Collaboration :
  • Support the Senior Security Architect as the Product Owner for specific security tools within the team s domain.
• Microsoft Security Solutions :
  • Serve as the Product Owner with expertise in:
    • MS Purview , Azure Cloud, Active Directory , Defender , O365 Security and Microsoft AIP solutions
    • Ensure proper configuration and timely resolution of issues
    • Develop and implement effective processes and procedures
    • Good knowledge of activities and solving challenges relating to classification, labeling, and handling Data Loss Prevention (DLP)
    • Continuously monitor and follow up on security alerts
• HSM Solution Management :
  • Oversee the Hardware Security Module (HSM) as Product Owner:
    • Ensure accurate configuration
    • Identify and resolve issues efficiently
    • Develop and manage processes and procedures
    • Responsible for key lifecycle management

Desired Candidate Profile

Job Requirements
Knowledge

• Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
• Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
• Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
• Deep knowledge of network, application, cloud and data security best practices
• Understanding of architecture frameworks (e.g. TOGAF, SABSA)
• Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
• Detailed technical knowledge of operating system and Cloud CIS baseline
• Good knowledge of low-level and high-level security architecture design and development
• Good understanding of security design patterns
• Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
• Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management

Desired Candidate Profile

Job Requirements
Knowledge

• Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services

• Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
• Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
• Deep knowledge of network, application, cloud and data security best practices
• Understanding of architecture frameworks (e.g. TOGAF, SABSA)
• Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
• Detailed technical knowledge of operating system and Cloud CIS baseline
• Good knowledge of low-level and high-level security architecture design and development
• Good understanding of security design patterns
• Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
• Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management

• University degree with an IT and / or Cyber Security background

• Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).
• Desirable Certifications: GIAC Defensible Security Architecture

• At least 8 years of work experience
• 3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
• Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
• Experience in working with cryptographic solutions (e.g. HSM)
• Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
• Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
• Experience in securing APIs, containers and microservices
• Experience with network security and networking technologies and with system, security, and network monitoring tools
• Recent, full-time working experience with financial institutions
• Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.

• Strong team player
• Fluent in English (mandatory)
• Ability to organise and prioritise tasks
• Able to conduct the role with minimum supervision
• Strong communication skills capable of dealing with wide range of internal and external stakeholders articulating security risks in business-friendly terms.

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

• Prepare daily schedules and assign patrol duties to Security Officers.
• Supervise key distribution and control, reporting discrepancies immediately.
• Maintain accurate records of control center documents, including logs, lost and found, and visitor passes.
• Service and maintain all security equipment as per manuals.
• Ensure proper maintenance of hotel vehicles, including logging, key control, damages, and mileage.
• Review scheduled events, VIP arrivals, and discuss instructions with relevant departments.
• Maintain flexibility in work hours to accommodate security needs, day or night.
• Coordinate with local authorities regarding activities affecting hotel operations and share concerns with superiors.
• Control access to high-risk areas, ensuring security of assets and area closure when necessary.
• Report guest complaints or issues to supervisors and follow up accordingly.
• Control access to crime or disaster scenes, preserving evidence until authorities arrive.
• Follow up on guest disturbances and theft reports, ensuring policies are followed, and prepare management reports.
• Supervise security log entries, patrol reports, and security activities.
• Oversee safe interventions and record occurrences in logs.
• Review security reports for completeness and accuracy, and follow up as needed.
• Participate in fire safety programs with the Engineering and other departments, ensuring compliance.
• Brief and train new staff on fire prevention and firefighting procedures relevant to their roles.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

Welcome to the award-winning five-star Mövenpick Hotel Bahrain, located adjacent to Bahrain International Airport, with a magnificent view of the sprawling lagoon and less than 10 minutes away from downtown Manama, the capital of Bahrain.

The hotel offers 97 luxury rooms and 10 suites with state-of-the-art facilities and amenities. Our hotel has undergone a complete transformation, including restaurants, bars, rooms, and suites.

Silk's restaurant provides all-day dining with international cuisine and theme nights. Gallery lounge, located in the high-ceiling, naturally lit glass lobby, serves French pastries, high tea, Swiss Mövenpick coffee, and delights. Xenia bar and lounge offers exotic cocktails, bar food, and live nightly entertainment. The hotel is renowned for its award-winning Friday Brunch.

The European Rimal Spa features 12 treatment rooms, including single and double suites, Turkish hammam suites with steam rooms, and non-surgical CACI Synergy machines. All treatment rooms are designed to high standards with private showers.

Mövenpick Hotel Bahrain combines world-class luxury hospitality with Arabian tradition and Swiss touches, making guests feel at home in one of the Gulf Region's most attractive destinations.

1. Prepare daily schedule requirements and assign shifts to Security Officers.
2. Supervise key distribution and control, reporting discrepancies immediately.
3. Maintain accurate records of security logs, key control, lost and found, and visitor passes.
4. Service all security equipment as per manuals.
5. Ensure proper maintenance of hotel vehicles, manage car logs, keys, damages, and mileage.
6. Review upcoming events, VIP arrivals, and coordinate with relevant departments.
7. Be flexible with work hours to accommodate security needs, including day and night shifts.
8. Liaise with local authorities regarding activities affecting hotel operations.
9. Control access to high-risk areas, ensuring security of assets.
10. Report guest complaints and follow up to resolve issues.
11. Manage access to crime or disaster scenes to preserve evidence.
12. Follow up on guest disturbances and theft incidents, ensuring policies are followed, and prepare management reports.
13. Supervise security log entries and patrol reports.
14. Oversee safe interventions and record all occurrences.
15. Review security reports for accuracy and follow-up.
16. Participate in fire safety programs with engineering and other departments.
17. Brief and train new staff on fire prevention and firefighting procedures relevant to their roles.