1 832 Security Executive jobs in Bahrain

• Conduct comprehensive information security risk assessments across various systems, applications, and business processes.
• Develop and implement risk mitigation strategies and security controls in line with industry best practices and regulatory requirements (e.g., ISO 27001, NIST).
• Monitor and analyze security threats, vulnerabilities, and incidents, providing timely and effective responses.
• Develop and maintain information security policies, standards, and procedures.
• Perform security audits and compliance checks to ensure adherence to internal policies and external regulations.
• Manage vulnerability scanning and penetration testing programs, and coordinate remediation efforts.
• Design and implement security awareness training programs for employees.
• Collaborate with IT and business units to integrate security considerations into project lifecycles.
• Stay updated on the latest cybersecurity trends, threats, and technologies.
• Develop and manage incident response plans and conduct post-incident reviews.
• Analyze security metrics and key risk indicators (KRIs) to report on the organization's security posture.
• Provide expert advice and guidance on information security matters to stakeholders at all levels.
• Manage third-party risk assessments and ensure vendor compliance with security requirements.

• Bachelor's degree in Information Security, Computer Science, Cybersecurity, or a related field. Master's degree or relevant certifications are highly desirable.
• Minimum of 7 years of experience in information security, with a strong focus on risk management, vulnerability assessment, and compliance.
• Relevant certifications such as CISSP, CISM, CRISC, or CISA are strongly preferred.
• In-depth knowledge of cybersecurity frameworks (NIST, ISO 27001, SOC 2) and risk assessment methodologies.
• Experience with security technologies including SIEM, IDS/IPS, firewalls, and endpoint security solutions.
• Strong understanding of threat intelligence and incident response procedures.
• Excellent analytical, problem-solving, and critical-thinking skills.
• Exceptional written and verbal communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences.
• Proven ability to work independently and manage multiple priorities in a remote work environment.
• Experience in the financial services or fintech industry is a plus.

This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.

1. Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
2. Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
3. Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
4. Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
5. Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
6. Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
7. Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
8. Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
9. Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
10. Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
11. Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.

Bachelor’s degree in information technology.

Certified Information Security Auditor (CISA) (Preferred)

3+ years of Information Security experience

1. Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
2. Ability to work effectively with all levels of personnel across the organization.
3. Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
4. Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
5. Ability to be flexible and work effectively with ambiguity and change.

• Monitor security alerts and logs from various security tools (SIEM, IDS/IPS, firewalls, endpoint security solutions) to detect and respond to potential security incidents.
• Perform threat hunting activities to proactively identify and mitigate emerging threats.
• Conduct vulnerability assessments and penetration testing to identify security weaknesses.
• Investigate security breaches, analyze root causes, and develop remediation plans.
• Implement and maintain security policies, standards, and procedures.
• Assist in the development and execution of incident response plans.
• Provide security awareness training to employees.
• Evaluate and recommend new security technologies and solutions.
• Collaborate with IT teams to ensure secure system configurations and deployments.
• Stay current with the latest cybersecurity trends, threats, and best practices.
• Manage and configure security tools and platforms.
• Participate in security audits and compliance reviews.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security or a related role.
• Proficiency with SIEM tools (e.g., Splunk, QRadar), IDS/IPS, firewalls, and antivirus/endpoint detection and response (EDR) solutions.
• Strong understanding of network security principles, protocols, and technologies.
• Experience with vulnerability assessment tools (e.g., Nessus, Qualys) and penetration testing methodologies.
• Knowledge of common attack vectors and threat actor tactics, techniques, and procedures (TTPs).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong written and verbal communication skills.
• Relevant security certifications such as CompTIA Security+, CEH, or CISSP are highly desirable.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Experience with cloud security concepts (AWS, Azure, GCP) is a plus.

• Monitor security alerts and events to detect and respond to potential threats.
• Conduct vulnerability assessments and penetration testing to identify system weaknesses.
• Implement and manage security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
• Develop and enforce security policies, standards, and procedures.
• Respond to security incidents, conduct forensic analysis, and implement remediation actions.
• Analyze security logs and system activities to identify anomalies and patterns of compromise.
• Manage and maintain Security Information and Event Management (SIEM) systems.
• Conduct security awareness training for employees.
• Participate in security audits and ensure compliance with relevant regulations.
• Stay current with emerging cybersecurity threats, vulnerabilities, and technologies.
• Collaborate with IT teams to implement security best practices in system design and deployment.
• Develop and maintain security documentation, including incident response plans and risk assessments.
• Evaluate and recommend new security tools and technologies.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 4 years of experience in information security or cybersecurity roles.
• Strong knowledge of network security, operating systems security, and application security.
• Experience with security tools such as SIEM, IDS/IPS, firewalls, and vulnerability scanners.
• Understanding of security frameworks and compliance standards (e.g., ISO 27001, NIST).
• Excellent analytical, problem-solving, and investigative skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts clearly.
• Relevant security certifications such as CISSP, CompTIA Security+, or CEH are highly desirable.
• Ability to work effectively in a team environment and manage multiple priorities.

• Monitor security alerts and logs from various security systems (e.g., SIEM, IDS/IPS, firewalls) to detect and analyze potential threats.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in systems and applications.
• Investigate and respond to security incidents, including malware outbreaks, data breaches, and unauthorized access.
• Implement and maintain security controls and countermeasures to protect against cyber threats.
• Develop and update security policies, procedures, and guidelines.
• Conduct security awareness training for employees.
• Manage and configure security tools such as firewalls, antivirus software, and endpoint detection and response (EDR) solutions.
• Perform risk assessments and develop mitigation strategies for identified vulnerabilities.
• Ensure compliance with relevant industry regulations and standards (e.g., ISO 27001, GDPR).
• Stay current with emerging security threats, trends, and technologies.
• Collaborate with IT teams to implement security best practices across the infrastructure.
• Assist in the development and maintenance of incident response plans.
• Perform forensic analysis on compromised systems.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security or a related IT security role.
• In-depth knowledge of cybersecurity principles, frameworks, and best practices.
• Experience with security monitoring tools, vulnerability scanners, and SIEM solutions.
• Proficiency in network security, operating system security, and application security.
• Understanding of common cyberattack vectors and mitigation techniques.
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills for collaborating with various teams.
• Relevant security certifications such as CompTIA Security+, CISSP, or CEH are highly desirable.
• Ability to work effectively in a fast-paced, deadline-driven environment.
• Experience with incident response procedures.

• Monitor security systems and network devices for security breaches and suspicious activity.
• Investigate, respond to, and resolve security incidents.
• Conduct vulnerability assessments and penetration testing.
• Implement and maintain security controls and technologies.
• Develop and enforce information security policies and procedures.
• Stay current with emerging cybersecurity threats and trends.
• Provide security awareness training to employees.
• Perform security audits and risk assessments.
• Collaborate with IT teams to ensure secure system configurations.
• Manage and maintain security hardware and software.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Proven experience as an Information Security Analyst or similar role.
• Strong knowledge of cybersecurity principles and best practices.
• Experience with security tools such as SIEM, firewalls, IDS/IPS.
• Excellent analytical and problem-solving skills.
• Proficiency in security frameworks (e.g., NIST, ISO 27001).
• Relevant security certifications (e.g., CISSP, Security+).
• Strong communication and interpersonal skills.
• Ability to work independently and in a team environment.