982 Information Security jobs in Bahrain

Information Security and Data Protection Specialist

Manama, Capital Career Maker

Posted today

Job Viewed

Tap Again To Close

Job Description

Job purpose

  • Overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.
  • Responsible for the organization's data privacy and protection function to ensure compliance with various regulations and best practices.

2. Primary Duties Performed

  • Develop and maintain the cybersecurity Risk Management Framework of the organization for addressing the overall approach for handling cybersecurity risks and managing them in a methodological manner.
  • Evaluate employees' information security awareness and provide the necessary training whenever is needed.
  • Conduct frequent reviews on Vulnerability Assessment and Penetration Testing (VAPT) and manage vulnerabilities.
  • Define the necessary controls to ensure all regulatory requirements related to cybersecurity are met, designed effectively with clear documentation.
  • Identify the critical assets of the organization and ensure implementation of risk identification and management strategies for these critical assets.
  • To assess technology projects to ensure that cybersecurity is adequately addressed.
  • Responsible to identifying and managing cybersecurity risk for all third-party technology engagements and all cloud computing engagements.
  • Evaluates and recommends cybersecurity technologies and solutions.
  • Review cybersecurity & Risk Management manual and recommend necessary updates.
  • Act as Data Protection Officer to identify and evaluate the Company's data processing activities.
  • Monitor data management procedures and compliance within the Company.
  • Assess Company compliance with Data Protection Private Law.
  • Provide advice and arrange training to employees on Data Protection.
  • Review and recommend updates on Data Protection Manual.
  • Serve as the point of contact between the company and the data protection authorities.
  • Performs other related duties assigned by the department head.

3. Secondary Duties Performed

  • Assist in implementing risk management framework, policies and programs covering business, financial, operational, technological, and regulatory risks.
  • Assist in the development and management of controls and business contingency plans.
  • Maintain and update organizational risk register.
  • Oversee the regular validation and testing of the Company Business Continuity Plan.
  • Review Risk Management manual and recommend necessary updates.

4. Work & Business Contacts

Internal

  • Management team and staff.

External

  • Regulatory Bodies: Central Bank of Bahrain and Personal Data Protection Authority.
  • Law Firms and Legal Advisors.
  • Internal and External Auditors.
  • VAPT vendors.

Division / Department: Risk Management

Incumbent Reports to: Manager – Risk & Project Management

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Linux Cryptography and Security Engineer

Canonical

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome
Linux Cryptography and Security Engineer Join or sign in to find your next job

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

Linux Cryptography and Security Engineer

3 days ago Be among the first 25 applicants

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

  • Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
  • Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
  • Collaborate with external security consultants to test and validate kernel and crypto module components
  • Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
  • Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
  • Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule

What we are looking for in you

  • Hands-on experience with low-level Linux cryptography APIs and debugging
  • Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
  • Hands-on experience with Linux system administration and shell scripting
  • Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
  • Significant development experience working with open source libraries
  • Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment

Additional Skills That You Might Also Bring

  • Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
  • Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
  • Experience working directly with Linux Kernel
  • Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
  • History of contributions to open source projects

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person - we've been working remotely since 2004!
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues from your team and others
  • Priority Pass for travel and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm that is at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do.

Canonical has been a remote-first company since its inception in 2004. Work at Canonical is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical provides a unique window into the world of 21st-century digital business.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Seniority level Entry level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Sign in to set job alerts for “Security Engineer” roles.

Manama, Capital Governorate, Bahrain 4 months ago

Manama, Capital Governorate, Bahrain 1 month ago

Bahrain $60,000.00-$120,000.00 1 month ago

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 3 weeks ago

Junior Software Engineer - Cross-platform C++ - Multipass

Manama, Capital Governorate, Bahrain 2 months ago

Software Engineer - Solutions Engineering

Manama, Capital Governorate, Bahrain 3 days ago

Graduate Software Engineer, Open Source and Linux, Canonical Ubuntu

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 5 months ago

Manama, Capital Governorate, Bahrain 6 months ago

Seef, Capital Governorate, Bahrain 4 weeks ago

Manama, Capital Governorate, Bahrain 2 months ago

Manama, Capital Governorate, Bahrain 3 days ago

System Software Engineer - GCC/LLVM compiler, tooling, and ecosystem

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 1 month ago

Software Engineer - Python - Container Images

Manama, Capital Governorate, Bahrain 2 months ago

Software Engineer - Cross-platform C++ - Multipass

Manama, Capital Governorate, Bahrain 5 months ago

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 3 weeks ago

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 3 days ago

Software Engineer - Python - Container Images

Manama, Capital Governorate, Bahrain 2 months ago

Manama, Capital Governorate, Bahrain 1 month ago

Manama, Capital Governorate, Bahrain 1 month ago

Manama, Capital Governorate, Bahrain 3 days ago

Manama, Capital Governorate, Bahrain 3 days ago

Distributed Systems Software Engineer, Python / Go

Manama, Capital Governorate, Bahrain 4 months ago

Python and Kubernetes Software Engineer - Data, AI/ML & Analytics

Manama, Capital Governorate, Bahrain 6 months ago

Manama, Capital Governorate, Bahrain 2 months ago

Software Engineer - Python - Container Images

Manama, Capital Governorate, Bahrain 4 months ago

Manama, Capital Governorate, Bahrain 2 months ago

Software Engineer - Immutable Ubuntu Desktop

Manama, Capital Governorate, Bahrain 4 months ago

Manama, Capital Governorate, Bahrain 2 months ago

Manama, Capital Governorate, Bahrain 3 days ago

Python Software Engineer - Ubuntu Hardware Certification Team

Manama, Capital Governorate, Bahrain 4 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

IT COMPLIANCE & RISK

Manama, Capital Minds United

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

Full Time

Job Purpose

The IT Compliance & Risk Lead is responsible for the assessment of technology vendor risks and control effectiveness across the IT disciplines. The IT Risk lead will identify, classify, and document control issues in the bank's environment by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and regularly reporting to IT management.

Key Accountabilities

  1. Supports the establishment of the IT risk management process and integration and maturing of the process across the IT disciplines and practices.
  2. Supports development of the technology risk framework, policies, standards, and risk taxonomy.
  3. Supports the implementation and adherence to the risk framework, in collaboration and conjunction with business-aligned risk partners.
  4. Evaluates and identifies technology risk related to divisions and the enterprise, including emerging trends that may impact risk profile.
  5. Supports the self and control risk assessment (RCSA) for IT and engages with the IT stakeholders to define the controls in place, residual risk, and treatment plans.
  6. Maintains a consolidated list of the technology risks at the enterprise level and ensures continuous monitoring of the risks and corresponding mitigation plans.
  7. Implements risk assessments across the enterprise and builds an overall profile of the technology risk.
  8. Provides credible challenge based on risk assessment results and ensures risk is being mitigated.
  9. Collaborates with division risk officers and subject matter experts to ensure policies and standards are practical, effective, and efficient.

Qualifications
Bachelor’s/master’s degree in computer science or related field.
Professional Certifications: COBIT, ITIL, CRISC, ISACA.

Experience
6 – 8 Years

Skills

  1. Minimum 3-5 years of experience in an IT risk and compliance role.
  2. Solid understanding of IT governance, information security policies, standards, and industry best practices.
  3. Experience in technology and operational risks frameworks.
  4. Practical experience in scoping, conducting risk assessments, and documenting results.
  5. Detail-oriented and able to meet tight deadlines.
  6. Excellent documentation skills and ability to communicate effectively across functional areas.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Delivery Consultant - Infrastructure and Security, Professional Services

Manama, Capital Amazon Web Services (AWS)

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

Delivery Consultant - Infrastructure and Security, Professional Services role at Amazon Web Services (AWS). In this role, you will work closely with customers to design, implement, and manage AWS solutions that meet their technical requirements and business objectives. You will be a key player in driving customer success through their cloud journey, providing technical expertise and best practices throughout the project lifecycle.

Responsibilities
  • Designing and implementing complex, scalable, and secure AWS solutions tailored to customer needs
  • Providing technical guidance and troubleshooting support throughout project delivery
  • Collaborating with stakeholders to gather requirements and propose effective migration strategies
  • Acting as a trusted advisor to customers on industry trends and emerging technologies
  • Sharing knowledge within the organization through mentoring, training, and creating reusable artifacts
About The Team

The AWS Professional Services (ProServe) team helps customers realize their desired business outcomes when using the AWS Cloud. We work with customer teams and the AWS Partner Network (APN) to execute enterprise cloud computing initiatives, delivering guidance through global specialty practices that cover a variety of solutions, technologies, and industries.

Basic Qualifications
  • 7+ years of experience as a technical specialist in customer-facing roles
  • Experience driving discussions with senior personnel regarding trade-offs, best practices, project management and risk mitigation
  • Hands-on experience leading the design, development and deployment of business software at scale or current hands-on technology infrastructure, including networking, compute, storage, and virtualization
  • Experience with automation and scripting (e.g., Terraform, Python) and application migration and modernization
  • Strong communication skills with the ability to explain technical concepts to both technical and non-technical audiences
Preferred Qualifications
  • Bachelor’s degree, or equivalent experience, in Computer Science, Engineering, Mathematics or a related field
  • AWS experience preferred, with proficiency in a wide range of AWS services (e.g., EC2, S3, RDS, Lambda, IAM, VPC, CloudFormation)
  • Experience in an Architect role or similar with a strong track record of implementing AWS services in distributed environments
  • Large-scale migration experience (Data Center to Data Center and/or Data Center to Cloud)
  • Infrastructure automation through DevOps scripting (e.g., shell, Python, Ruby, PowerShell)
Notes

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation during the application and hiring process, including support for the interview or onboarding process, please visit the AWS accommodations page for more information.

Company

Amazon Web Services EMEA SARL, Branch of a Foreign Company

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Staff Security Operations Engineer

Canonical

Posted 6 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Overview

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions – at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest and engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Goal and scope

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team. The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack. The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role
  • Implement and evolve Canonical's SecOps security standards and playbooks
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change
What we are looking for
  • An exceptional academic track record
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Drive and a track record of going above-and-beyond expectations
  • Deep personal motivation to be at the forefront of technology security
  • Expertise in threat modelling and risk management frameworks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF
  • Experience with security standards such as ISO 27001
Optional things we value
  • Experience in a security operations team or a security operations centre (SOC)
  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with state-actor and other advanced persistent threats
What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues
  • Priority Pass, and travel upgrades for long haul company events
About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer. We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Security Architect

Vamsystems

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

VAM Systems is a Business Consulting, IT Solutions and Services company. VAM Systems is currently looking for Security Architect for our Bahrain operations with the following skillsets & terms and conditions:

Experience and Qualifications
  • Years of Experience: 11-15 Years
  • Education Qualification: BE Computer Science and Engineering
  • Certifications required: CISSP, CCSP, CEH, CCNP, AWS, Azure, Java, VB
  • Professional Training Required: Azure Solutions Architect, AWS Solution Architect, Secure Software Development and Programming.
Skills
  • Proficiency and working knowledge in technology stacks used in application development, Web applications, in particular secure application design.
  • Depth knowledge of IT risks, cyber security, and computer operating software like Windows, Linux, and UNIX.
  • In-depth knowledge in the software's design with the aid of programming languages like Python, Java, etc.
  • Advanced understanding of security protocols, cryptography, and security.
  • Understanding of network protocols, Source Code Reviews and OWASP Top 10 security practices.
  • In-depth knowledge of frameworks used in developing applications.
  • Good understanding in security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation.
  • Knowledge of DNS, Security principles of routing, authentication, VPN, proxy services, and DDOS mitigation technology.
  • Expertise in the architecture of information security systems.
  • Good knowledge of IT Infrastructure, Cloud Technologies like AWS, Azure, and Information Security systems, specifically in architecture.
Job Responsibilities
  • Perform security analysis, develop robust security architecture, and ingrain security solutions into the Bank's Group environment ensuring the confidentiality, integrity, and availability of the bank’s information.
About The Company

VAM Systems is a Business Consulting, IT Solutions and Services company.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Security Architect For Bahrain

Adsfare

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

VAM Systems is a Business Consulting, IT Solutions and Services company.

VAM Systems is currently looking for Security Architect for our Bahrain operations with the following skillsets & terms and conditions:

Years of Experience: 11-15 Years

Education Qualification: BE Computer Science and Engineering

Certifications required: CISSP, CCSP, CEH, CCNP, AWS, Azure, Java, Python, VB

Professional Training Required: Azure Solutions Architect, AWS Solution Architect, Secure Software Development and Programming.

Skills:

  • Proficiency and working knowledge in technology stacks used in application development, especially secure application design.
  • Depth knowledge of IT risks, cyber security, and computer operating software like Windows, Linux, and UNIX.
  • In-depth knowledge in software design with the aid of programming languages like Python, Java, etc.
  • Advanced understanding of security protocols, cryptography, and security.
  • Understanding of network protocols, Source Code Reviews, and OWASP Top 10 security practices.
  • In-depth knowledge of frameworks used in developing applications.
  • Good understanding of security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation.
  • Knowledge of DNS, security principles of routing, authentication, VPN, proxy services, and DDoS mitigation technology.
  • Expertise in the architecture of information security systems.
  • Good knowledge of IT Infrastructure, Cloud Technologies like AWS, Azure, and Information Security systems, specifically in architecture.

Job Responsibilities:

  • Perform security analysis, develop robust security architecture, and integrate security solutions into the Bank's Group environment ensuring the confidentiality, integrity, and availability of the bank’s information.
  • Develop security architecture for various Information Security control systems.
  • Perform Information Security Risk Assessments of new IT systems, design and recommend security controls to mitigate risks, reassess and enhance security architecture as needed.
  • Review security architecture of new technology solutions and business applications, assess security, and recommend security controls to address security risks.
  • Research and recommend/implement the security standards, systems, and best practices.
  • Review system security, recommend security controls, and implement enhancements.
  • Manage information security projects/assignments.
  • Evaluate and implement information security technologies and countermeasures against threats to information.
  • Review technical service requests and technical changes raised by IT users for Information Security risks.
  • Follow Security by Design methodology to assure end-to-end security.
  • Develop security baseline for all IT assets, such as routers, firewalls, LANs, WANs, VPNs, and other network devices, and ensure efficacy.
  • Provide security architectural guidance to IT Project Managers.
  • Understand the risk and weakness in applications.
  • Secure application design and architecture, and conduct application security testing.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Information security Jobs in Bahrain !

Senior Security Architect

Arab Banking corporation

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

Bachelor of Technology/Engineering(Computers)

Nationality

Any Nationality

Vacancy

1 Vacancy

Job Description

Job Purpose

The Senior Security Architect will play a key role in building and maintaining IT security solutions and controls for the Bank across new and emerging domains, including Cloud and Innovation. The role will involve developing end-to-end security for Bank ABC and handling any technical problems that arise. The Senior Security Architect will identify IT threats and vulnerabilities, design and build robust security architectures and serve as the security point person for technical and business security concerns.
The job holder will be architecting and managing change and implementation with existing and new technologies, reusing when appropriate and implementing when required.
The job requires in-depth knowledge and hard skills (e.g. secure cloud architecture, cryptographic practices, protocols, network and platform security etc.) as well as strong soft skills (e.g. communication and presentation skills, stakeholder management) and a good amount of hands-on previous work experience demonstrating these.

Principal Responsibilities, Accountabilities and Deliverables of Role

Research & Planning:

  • Plan, research and design robust enterprise-wide security architectures for any IT or business projects aligned with industry frameworks (e.g. SABSA, TOGAF, NIST, CSA, ISO 27001)
  • Develop threat use cases / scenarios to clearly depict threats to security architecture.
  • Aligning new security solutions with existing technologies and designing and planning integration.
  • Lead and coordinate assessment of existing and target / implemented architecture.

Cost, Planning, Project Management:
  • Prepare cost estimates and identify integration issues for solutions and architectures
  • Develop and maintain security reference architectures and roadmaps
Engineering:
  • Understanding of Security Engineering outputs and able to oversee and incorporate into security planning
  • Able to incorporate security measures into the existing, resultant or target architecture.
  • Collaborate with DevOps, Cloud, and IT teams to embed security into CI/CD pipelines and infrastructure (DevSecOps)

Designing:
  • Define and maintain technical security patterns for secure systems and applications
  • Design high level and low-level security architecture to meet business and technical requirements
  • Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
  • Identify and reuse security solutions and consider integration with other tools when designing security solutions.

Key Responsibilities:
  • Product Ownership & Collaboration :
    • Support the Senior Security Architect as the Product Owner for specific security tools within the team s domain.
  • Microsoft Security Solutions :
    • Serve as the Product Owner with expertise in:
      • MS Purview , Azure Cloud, Active Directory , Defender , O365 Security and Microsoft AIP solutions
      • Ensure proper configuration and timely resolution of issues
      • Develop and implement effective processes and procedures
      • Good knowledge of activities and solving challenges relating to classification, labeling, and handling Data Loss Prevention (DLP)
      • Continuously monitor and follow up on security alerts
  • HSM Solution Management :
    • Oversee the Hardware Security Module (HSM) as Product Owner:
      • Ensure accurate configuration
      • Identify and resolve issues efficiently
      • Develop and manage processes and procedures
      • Responsible for key lifecycle management

Desired Candidate Profile


Job Requirements
Knowledge

  • Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
  • Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
  • Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
  • Deep knowledge of network, application, cloud and data security best practices
  • Understanding of architecture frameworks (e.g. TOGAF, SABSA)
  • Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
  • Detailed technical knowledge of operating system and Cloud CIS baseline
  • Good knowledge of low-level and high-level security architecture design and development
  • Good understanding of security design patterns
  • Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
  • Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management

Desired Candidate Profile


Job Requirements
Knowledge

  • Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
  • Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premises and cloud
  • Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
  • Deep knowledge of network, application, cloud and data security best practices
  • Understanding of architecture frameworks (e.g. TOGAF, SABSA)
  • Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
  • Detailed technical knowledge of operating system and Cloud CIS baseline
  • Good knowledge of low-level and high-level security architecture design and development
  • Good understanding of security design patterns
  • Familiarity with regulatory and compliance requirements (e.g., CBB, GDPR, ISO 27001, PCI-DSS, SOC2)
  • Broad understanding of the Information Security domains: Infrastructure Security, Access Management, Physical Security, Application Security, Security Compliance, and IT Change Management
Education / Certifications
  • University degree with an IT and / or Cyber Security background
  • Recognized and active Information Security and platform qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud specific certifications).
  • Desirable Certifications: GIAC Defensible Security Architecture
Experience
  • At least 8 years of work experience
  • 3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
  • Experience with threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK)
  • Experience in working with cryptographic solutions (e.g. HSM)
  • Experience in developing high level architecture for the cloud and hands-on experience designing secure architectures in cloud environments (AWS, Azure, GCP)
  • Strong understanding of IAM, MFA, authentication protocols (OAuth, SAML, OpenID Connect) and able to configure well known Security Solutions in this domain.
  • Experience in securing APIs, containers and microservices
  • Experience with network security and networking technologies and with system, security, and network monitoring tools
  • Recent, full-time working experience with financial institutions
  • Practical experience on working with cloud technologies and implementing security in hybrid and multi-cloud scenarios.
Personal attributes
  • Strong team player
  • Fluent in English (mandatory)
  • Ability to organise and prioritise tasks
  • Able to conduct the role with minimum supervision
  • Strong communication skills capable of dealing with wide range of internal and external stakeholders articulating security risks in business-friendly terms.

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

People Looking for Security Architect Jobs also searched #J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Senior Security Operations Engineer

Canonical

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome
Join or sign in to find your next job

Join to apply for the Senior Security Operations Engineer role at Canonical

Continue with Google Continue with Google

3 months ago Be among the first 25 applicants

Join to apply for the Senior Security Operations Engineer role at Canonical

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

  • Implement and evolve Canonical's Security Operation Center
  • Analyse and improve Canonical's security architecture
  • Evaluate, select and implement new security tools and practices
  • Identify, contain and guide the remediation of security threats and cyber attacks
  • Grow the presence and thought leadership of Canonical SecOps practice
  • Contribute to open source threat intelligence initiatives
  • Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
  • Develop Canonical SecOps learning and development materials
  • Publish blog posts, whitepapers and conference presentations
  • Identify, implement and track SecOps KPIs
  • Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
  • Work with Security leadership to present information and influence change

What we are looking for

  • An exceptional academic track record
  • Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
  • Previous professional experience working or leading a Security Operation Center
  • Deep personal motivation to be at the forefront of technology security
  • Expertise in threat modelling and risk management frameworks
  • Knowledge of security architecture and market-leading security tools
  • Experience contributing to, and consuming, threat intelligence feeds
  • Experience in security risk management frameworks such as NIST CSF and ISO27001

Optional things we value

  • Experience in a security operations team or a security operations centre (SOC)
  • Experience in offensive or defensive security teams with hands-on ability
  • Experience with state-actor and other advanced persistent threats

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues
  • Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Sign in to set job alerts for “Senior Security Engineer” roles.

Manama, Capital Governorate, Bahrain 3 months ago

Linux Cryptography and Security Engineer

Manama, Capital Governorate, Bahrain 4 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

INFORMATION SECURITY OFFICER

Gulf Air Group

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.

KEY ACCOUNTABILITIES
  1. Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
  2. Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
  3. Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
  4. Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
  5. Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
  6. Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
  7. Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
  8. Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
  9. Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
  10. Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
  11. Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.
QUALIFICATIONS

Bachelor’s degree in information technology.

Certified Information Security Auditor (CISA) (Preferred)

MINIMUM EXPERIENCE

3+ years of Information Security experience

JOB SPECIFIC SKILLS
  1. Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
  2. Ability to work effectively with all levels of personnel across the organization.
  3. Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
  4. Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
  5. Ability to be flexible and work effectively with ambiguity and change.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Information Security Jobs