99 Information Security Specialist jobs in Bahrain

Roles & Responsibilities:

• Monitoring the system and ensuring the system is available 24/7.
• Maintain best practices and security standards.
• Design and implement security solutions that protect the organization's On-prem / cloud infrastructure, applications, and data from security threats.
• Conduct regular security assessments of the organization's On-prem / cloud environment to identify potential security vulnerabilities and recommend appropriate remediation measures.
• Configure and maintain various security tools such as firewalls, intrusion detection and prevention systems, and security information and event management (SIEM) systems to ensure optimal protection against security threats.
• Regularly monitor the syslogs and take corrective actions if any security breaches or vulnerabilities are found in the logs.
• Run VAPT tools to mitigate security vulnerabilities.
• Manage access controls for cloud resources, including user authentication and authorization, identity and access management (IAM), and network security groups (NSGs).
• Monitor the On-prem / cloud environment for security incidents and respond promptly to any security breaches or threats.
• Create and maintain security policies and procedures for the organization's On-prem / cloud environment, including disaster recovery plans, incident response plans, and security awareness training for employees.
• Keep up-to-date with the latest security trends and best practices to ensure that the organization's On-prem / cloud environment remains secure against evolving security threats.
• Review and apply the WAF policies to protect against DDoS and application-related attacks.
• Test the WAF rules and ensure they block malicious traffic.

Qualifications & Technical Skills:

1. Minimum of 10 years of experience.

• B.Sc. in Computer Engineering or Equivalent.

• Security Incident Handling & Response

• Security Management Frameworks

• Firewall/IDS/IPS (Palo Alto, Fortinet, Cisco, etc.)

• Vulnerability Management (VAPT)

• SIEM Management

• Data Management Protection

• Advanced Malware Prevention

• Identity & Access Management

• AWS: IAM, KMS, VPC, Security Groups, Network ACLs, VPC endpoints, CloudWatch, VPC Flow Logs

• Logging and Monitoring, SIEM, Syslog

• CloudFront, WAF and Certificate Management

• Technical Certifications like CEH, Security+, CISSP, etc.

Job purpose

• Overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.
• Responsible for the organization's data privacy and protection function to ensure compliance with various regulations and best practices.

2. Primary Duties Performed

• Develop and maintain the cybersecurity Risk Management Framework of the organization for addressing the overall approach for handling cybersecurity risks and managing them in a methodological manner.

• Evaluate employees' information security awareness and provide the necessary training whenever is needed.

• Conduct frequent reviews on Vulnerability Assessment and Penetration Testing (VAPT) and manage vulnerabilities.

• Define the necessary controls to ensure all regulatory requirements related to cybersecurity are met, designed effectively with clear documentation.

• Identify the critical assets of the organization and ensure implementation of risk identification and management strategies for these critical assets.
• To assess technology projects to ensure that cybersecurity is adequately addressed.
• Responsible to identifying and managing cybersecurity risk for all third-party technology engagements and all cloud computing engagements.
• Evaluates and recommends cybersecurity technologies and solutions.
• Review cybersecurity & Risk Management manual and recommend necessary updates.
• Act as Data Protection Officer to identify and evaluate the Company's data processing activities.
• Monitor data management procedures and compliance within the Company.
• Assess Company compliance with Data Protection Private Law.
• Provide advice and arrange training to employees on Data Protection.
• Review and recommend updates on Data Protection Manual.
• Serve as the point of contact between the company and the data protection authorities.
• Performs other related duties assigned by the department head.

3. Secondary Duties Performed

• Assist in implementing risk management framework, policies and programs covering business, financial, operational, technological, and regulatory risks.
• Assist in the development and management of controls and business contingency plans.
• Maintain and update organizational risk register.
• Oversee the regular validation and testing of the Company Business Continuity Plan.
• Review Risk Management manual and recommend necessary updates.

4. Work & Business Contacts

Internal

• Management team and staff.

External

• Regulatory Bodies: Central Bank of Bahrain and Personal Data Protection Authority.
• Law Firms and Legal Advisors.
• Internal and External Auditors.
• VAPT vendors.

Division / Department: Risk Management

Incumbent Reports to: Manager – Risk & Project Management

• Monitor security alerts and events generated by the SIEM system and other security tools.
• Investigate potential security incidents, perform root cause analysis, and initiate incident response procedures.
• Configure, maintain, and optimize SIEM platforms (e.g., Splunk, QRadar, LogRhythm) for log collection, normalization, and correlation.
• Develop and refine SIEM correlation rules, use cases, and dashboards to improve threat detection capabilities.
• Conduct proactive threat hunting to identify and mitigate emerging security risks.
• Analyze security logs from various sources (firewalls, servers, endpoints, applications) to detect malicious activity.
• Generate regular security reports on key metrics, incidents, and trends for management and compliance purposes.
• Collaborate with IT operations and other teams to ensure security best practices are implemented across the infrastructure.
• Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and industry best practices.
• Participate in security awareness training initiatives.
• Assist in the development and maintenance of incident response plans and playbooks.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4 years of experience in information security, with a strong focus on SIEM administration and analysis.
• Hands-on experience with major SIEM platforms.
• Proficiency in log analysis and understanding of various log formats.
• Knowledge of networking protocols (TCP/IP, DNS, HTTP/S) and security concepts.
• Experience with incident response frameworks and methodologies.
• Familiarity with common attack vectors and malware types.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and reporting skills.
• Relevant certifications such as CompTIA Security+, CEH, or GIAC are a plus.

• Deploying, configuring, and maintaining SIEM solutions (e.g., Splunk, QRadar, ArcSight).
• Developing and tuning SIEM rules, alerts, and correlation logic to detect advanced threats.
• Performing real-time analysis of security events and alerts, identifying potential security incidents.
• Leading incident response efforts, including investigation, containment, eradication, and recovery.
• Conducting forensic analysis of security incidents to determine root cause and impact.
• Developing and maintaining security documentation, policies, and procedures.
• Collaborating with IT and development teams to implement security best practices and controls.
• Staying current with the latest cybersecurity threats, vulnerabilities, and industry trends.
• Providing security awareness training and guidance to internal teams.
• Performing vulnerability assessments and penetration testing coordination.

• Monitor SIEM platforms (e.g., Splunk, QRadar, LogRhythm) for security incidents and anomalies in real-time.
• Investigate and analyze security alerts, performing root cause analysis for security breaches and potential threats.
• Develop, tune, and implement SIEM correlation rules and dashboards to enhance threat detection capabilities.
• Respond to security incidents, leading containment, eradication, and recovery efforts.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in the security infrastructure.
• Develop and maintain incident response plans and procedures.
• Collaborate with IT operations and development teams to implement security best practices and controls.
• Stay current with the latest cybersecurity threats, attack vectors, and industry trends.
• Prepare detailed incident reports and provide recommendations for security improvements.
• Contribute to security awareness training programs for employees.
• Perform forensic analysis of compromised systems when necessary.
• Evaluate and recommend new security technologies and tools.

• Monitor SIEM alerts and dashboards for security incidents and anomalies.
• Develop, tune, and maintain SIEM rules, correlation searches, and use cases.
• Conduct in-depth analysis of security events and incidents.
• Perform threat hunting to proactively identify potential security breaches.
• Lead incident response activities, including containment, eradication, and recovery.
• Generate comprehensive incident reports and post-incident reviews.
• Collaborate with IT and other departments to implement security recommendations.
• Stay current with the latest threat intelligence and attack vectors.
• Automate security tasks using scripting languages (e.g., Python, PowerShell).
• Contribute to the development and refinement of security policies and procedures.

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• 5+ years of experience in information security, with a strong focus on SIEM administration and analysis.
• Proven expertise in SIEM platforms (e.g., Splunk, QRadar, LogRhythm).
• In-depth knowledge of security principles, network protocols, and common attack techniques.
• Experience with incident response, threat intelligence, and forensic analysis.
• Proficiency in scripting languages for automation (e.g., Python, PowerShell).
• Strong analytical and problem-solving skills with meticulous attention to detail.
• Excellent communication and collaboration skills for remote teamwork.
• Relevant security certifications (e.g., GSEC, GCIA, Splunk Core Certified User/Admin).

• Monitoring and analyzing security alerts from the SIEM platform.
• Tuning SIEM rules and developing correlation logic to enhance threat detection.
• Investigating security incidents, identifying root causes, and recommending remediation actions.
• Conducting threat hunting activities to proactively uncover potential threats.
• Developing and maintaining SIEM dashboards, reports, and use cases.
• Responding to security alerts and escalating incidents as necessary.
• Collaborating with IT and other departments to ensure effective security monitoring.
• Staying current with emerging threats, vulnerabilities, and security technologies.
• Contributing to the development and refinement of incident response playbooks.
• Documenting security procedures and findings.
• Mentoring junior security analysts.

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• 5+ years of experience in information security, with a strong focus on SIEM operations and analysis.
• In-depth knowledge of SIEM platforms (e.g., Splunk, IBM QRadar, Elastic SIEM).
• Strong understanding of networking protocols, operating systems, and cybersecurity frameworks.
• Experience with incident response, threat intelligence, and vulnerability management.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation is a plus.
• Relevant security certifications such as CISSP, Security+, GIAC (GCIH, GCFA) are highly desirable.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills.
• Ability to work independently in a fully remote setting.