93 Security Systems jobs in Bahrain

The Information Security Specialist supports the Head of Information Security and Business Continuity in safeguarding the bank’s critical information assets and ensuring the resilience of its operations. This role is responsible for implementing and maintaining comprehensive information security measures, business continuity plans, and disaster recovery strategies that protect the bank’s systems, data, and services from cybersecurity threats and operational disruptions.

The Specialist will contribute to the bank's proactive risk management approach by identifying vulnerabilities, responding to incidents, ensuring regulatory compliance, and leading initiatives to enhance business continuity. In addition, this role involves coordinating BCP and DR activities, conducting regular testing, and ensuring the organization’s preparedness for crises or emergencies.

Reporting directly to the Head of Information Security and Business Continuity, the Specialist will collaborate closely with IT and other departments and business units to integrate security and business continuity frameworks into the bank’s operational processes, supporting a secure and resilient environment that enables the bank to achieve its strategic objectives.

Responsibilities of the role:

Information Security:

• Develop, implement, and maintain information security policies, procedures, and standards in alignment with PCI-DSS and regulatory requirements.
• Monitor, analyze, and respond to security incidents, vulnerabilities, and threats across the bank’s IT systems and networks
• Conduct periodic risk assessments and gap analyses to identify security weaknesses and develop mitigation strategies
• Coordinate internal and external audits related to information security; ensure timely closure of audit findings
• Provide security awareness training to staff and promote a culture of information security
• Support secure configuration and change management processes across IT assets and infrastructure
• Work with IT and other departments to ensure security is embedded into system design and operational processes
• Stay up to date with current cyber threats and trends, and recommend appropriate risk mitigation measures

Business Continuity:

• Develop and maintain the bank’s business continuity management frameworks in line with the bank’s and regulatory guidelines
• Conduct business impact analyses (BIAs) and risk assessments across business units to identify critical functions and recovery priorities
• Lead the development, testing, and continuous improvement of BCP and DR plans to ensure organizational resilience.
• Coordinate with IT, facilities, and business teams to ensure recovery strategies are effective and practical.
• Conduct regular BCP/DR drills and exercises, and report findings with actionable recommendations.
• Liaise with regulatory bodies, auditors, and stakeholders to ensure compliance and readiness.
• Maintain documentation and evidence of BCM program activities and test results.

Areas of Knowledge, Qualification and Experience

• Atleast 5 years of experience working within a Banking Environment
• Bachelors Degree in Computer Science / Cyber Security background.
• Relevant certifications from ISC2, ISACA, SANS are highly preferred
• In-depth understanding of global information security standards (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls) and regulatory requirements (e.g., CBB, PCI-DSS). Ability to implement and manage these frameworks within a banking context.

This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.

1. Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
2. Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
3. Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
4. Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
5. Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
6. Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
7. Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
8. Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
9. Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
10. Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
11. Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.

Bachelor’s degree in information technology.

Certified Information Security Auditor (CISA) (Preferred)

3+ years of Information Security experience

1. Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
2. Ability to work effectively with all levels of personnel across the organization.
3. Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
4. Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
5. Ability to be flexible and work effectively with ambiguity and change.

Company Description

Job Description

VAM Systems is currently looking for Information Security Architect for our Bahrain operations with the following skillsets & terms and conditions:

Years of Experience : 7- 10 Years

Education Qualification : BE Computer Science and Engineering

Certifications required : CISSP, CCSP, CEH, CCNP, AWS, Azure, Java, Python, VB

Professional Training Required : Azure Solutions Architect, AWS Solution Architect, Secure Software Development and Programming.

Skills

• Proficiency and working knowledge in technology stacks used in application development, Web applications, in particular secure application design.
• Depth knowledge of IT risks, cyber security, and computer operating software like Windows, Linux, and UNIX.
• In-depth knowledge in the software's design with the aid of programming languages like Python, Java, etc.
• Advanced understanding of security protocols, cryptography, and security.
• Understanding of network protocols, Source Code Reviews and OWASP Top 10 security practices.
• In-depth knowledge of frameworks used in developing applications.
• Good understanding in security measures such as firewalls, intrusion detection, and prevention systems (IDS/IPS), network access controls, and network segmentation.
• Knowledge of DNS, Security principles of routing, authentication, VPN, proxy services, and DDOS mitigation technology.
• Expertise in the architecture of information security systems. Project Manager
• Good knowledge of IT Infrastructure, Cloud Technologies like AWS, Azure, and Information Security systems, specifically in architecture.
  
  

• Perform security analysis, develop robust security architecture, and ingrain security solutions into the Bank's Group environment ensuring the confidentiality, integrity, and availability of the bank’s information.
• Develop security architecture for various Information Security control systems.
• Perform Information Security Risk Assessments of new IT systems, design and recommend security controls to mitigate risks, reassess and enhance security architecture as needed.
• Review security architecture of new technology solutions and business applications, assess security, and recommend security controls to address security risks.
• Research and recommend/implement the security standards, systems, and best practices.
• Review system security, recommend security controls, and implement enhancements.
• Manage information security projects/assignments.
• Evaluate and implement information security technologies and countermeasures against threats to information.
• Review technical service requests and technical changes raised by IT users for Information Security risks.
• Follow Security by Design methodology to assure end-to-end security.
• Develop security baseline for all IT assets, such as routers, firewalls, LANs, WANs, VPNs, and other network devices, and ensure efficacy.
• Provide security architectural guidance to IT Project Managers.
• Understand the risk and weakness in applications.
• Secure application design and architecture, and conduct application security testing.
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at VAM Systems by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

• Monitor security systems (SIEM, IDS/IPS, firewalls) for security incidents and anomalies.
• Conduct thorough analysis of security alerts and logs to identify potential threats and breaches.
• Participate in incident response activities, including investigation, containment, eradication, and recovery.
• Perform vulnerability assessments and penetration testing to identify security weaknesses in systems and applications.
• Recommend and implement security controls and countermeasures to mitigate identified risks.
• Assist in the development and enforcement of information security policies, procedures, and guidelines.
• Conduct security awareness training for employees to promote a security-conscious culture.
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Manage security patches and updates for systems and applications.
• Collaborate with IT operations and development teams to ensure security is integrated into system design and deployment.
• Prepare security reports, dashboards, and metrics for management.
• Participate in security audits and assessments, ensuring compliance with regulatory requirements (e.g., GDPR, ISO 27001).

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3-5 years of experience in information security, network security, or a SOC environment.
• Strong understanding of security frameworks (e.g., NIST, ISO 27001) and security best practices.
• Proficiency with security tools such as SIEM, IDS/IPS, vulnerability scanners, and endpoint detection and response (EDR) solutions.
• Experience with incident response methodologies and threat intelligence.
• Knowledge of networking protocols, operating systems (Windows, Linux), and cloud security concepts.
• Relevant certifications such as CompTIA Security+, CEH, CySA+, or CCNA Security are highly desirable.
• Excellent analytical and problem-solving skills with a keen eye for detail.
• Strong written and verbal communication skills in English; Arabic is a plus.
• Ability to work independently and collaboratively in a fast-paced environment.

• Monitor security systems for anomalies and potential threats.
• Conduct vulnerability assessments, penetration tests, and security audits.
• Analyze security logs and alerts to identify and respond to incidents.
• Assist in developing, implementing, and enforcing information security policies.
• Research and recommend security solutions and best practices.
• Provide security awareness training to employees.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 3-5 years of experience in information security or cybersecurity.
• Strong knowledge of network security, operating systems, and security frameworks (e.g., NIST, ISO 27001).
• Experience with security tools (SIEM, vulnerability scanners, IDS/IPS).
• Relevant certifications (e.g., CompTIA Security+, CEH, CISSP) are a significant plus.
• Excellent analytical and problem-solving skills.

• Monitor security information and event management (SIEM) systems for security incidents and anomalies.
• Conduct in-depth analysis of security alerts, logs, and network traffic to identify potential threats and vulnerabilities.
• Perform incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis.
• Develop and implement security policies, procedures, and guidelines to protect information assets.
• Conduct vulnerability assessments and penetration testing to identify weaknesses in systems and applications.
• Collaborate with IT operations and development teams to implement security patches and configurations.
• Stay informed about the latest cybersecurity threats, trends, and technologies.
• Participate in security audits and compliance reviews (e.g., ISO 27001, GDPR).
• Provide security awareness training to employees.
• Manage and configure security tools and technologies, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
• Prepare detailed security reports and present findings to management.
• Assist in the development and maintenance of disaster recovery and business continuity plans.
• Respond to security questionnaires and support client security audits.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security, cybersecurity operations, or a similar role.
• Strong understanding of security frameworks (e.g., NIST, ISO 27001).
• Proficiency with SIEM tools (e.g., Splunk, IBM QRadar) and security analytics.
• Experience with vulnerability scanning tools (e.g., Nessus, Qualys) and penetration testing methodologies.
• Knowledge of network protocols, operating systems (Windows, Linux), and cloud security concepts.
• Familiarity with scripting languages (e.g., Python, PowerShell) is a plus.
• Excellent analytical and problem-solving skills, with a keen eye for detail.
• Strong communication skills, both written and verbal, in English.
• Relevant certifications such as CompTIA Security+, CEH, CySA+, or CISSP are highly desirable.

• Experience with cloud security platforms (e.g., AWS, Azure, Google Cloud).
• Familiarity with security automation and orchestration.

• Conduct comprehensive security assessments, including penetration testing, vulnerability assessments, security architecture reviews, and risk analyses, for client information systems and applications.
• Develop, review, and implement robust information security policies, procedures, and standards aligned with industry best practices (e.g., ISO 27001, NIST, CIS Controls) and regulatory requirements (e.g., GDPR, PCI DSS).
• Provide expert guidance and strategic recommendations on security architecture design, security controls implementation, and secure system configurations for various technologies (e.g., cloud, network, endpoint, application).
• Lead and support security incident response efforts, including forensic investigations, containment, eradication, and recovery, providing clear communication throughout the process.
• Design and deploy security solutions, including SIEM (Security Information and Event Management), identity and access management (IAM), data loss prevention (DLP), and network segmentation technologies.
• Deliver tailored security awareness training and workshops to client staff, enhancing their understanding of security risks and best practices.
• Prepare detailed, high-quality reports, executive summaries, and presentations for client leadership, clearly articulating findings, risks, and recommended actions.
• Collaborate with client teams to understand their unique business processes and challenges, integrating security solutions seamlessly into their operations.
• Stay abreast of the latest cybersecurity threats, vulnerabilities, attack methodologies, and emerging security technologies.
• Contribute to proposal development and pre-sales activities, assisting in scoping client engagements and defining service offerings.

• Bachelor's or Master's degree in Computer Science, Information Security, Cyber Security, or a closely related technical field.
• A minimum of 7 years of progressive experience in information security, with at least 3 years specifically in a security consulting capacity for external clients.
• Deep expertise in security frameworks (e.g., NIST CSF, ISO 27001), risk management methodologies, and security architecture principles.
• Hands-on proficiency with a wide range of security tools and technologies across different domains (e.g., network security, endpoint security, cloud security, application security).
• Advanced certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or OSCP are highly desirable.
• Exceptional analytical, problem-solving, and critical thinking skills, with the ability to quickly assess complex security challenges.
• Outstanding written and verbal communication skills, including the ability to present complex technical information clearly and persuasively to both technical and executive audiences.
• Proven track record of successfully delivering complex security projects and building strong client relationships.
• Ability to work independently, manage multiple client engagements, and adapt to rapidly changing priorities.

• Develop, implement, and maintain a comprehensive information security strategy aligned with business objectives and regulatory requirements.
• Establish and enforce information security policies, standards, and procedures across the organization.
• Oversee the identification, assessment, and management of information security risks, developing mitigation strategies.
• Lead and manage a team of security analysts and engineers, providing mentorship, guidance, and performance management.
• Ensure compliance with relevant industry regulations (e.g., PCI DSS, GDPR) and local data protection laws.
• Manage security incidents from detection and response through to post-incident analysis and reporting.
• Oversee the selection, implementation, and maintenance of security technologies and solutions (e.g., SIEM, DLP, IAM, endpoint protection).
• Develop and deliver security awareness training programs for all employees.
• Conduct regular security audits, vulnerability assessments, and penetration tests, coordinating with internal and external auditors.
• Provide expert advice and guidance to senior management on all aspects of information security.
• Manage the information security budget and resource allocation.
• Stay abreast of emerging security threats, technologies, and industry best practices, integrating relevant advancements into the security program.

• Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree is highly preferred.
• Industry-recognized certifications such as CISSP, CISM, CISA, or CRISC are mandatory.
• Minimum of 8-10 years of progressive experience in information security, with at least 3-5 years in a leadership or management role.
• Proven experience in developing and implementing enterprise-wide information security programs.
• In-depth knowledge of information security frameworks (e.g., NIST, ISO 27001) and regulatory compliance.
• Strong understanding of network security, application security, cloud security, and data protection principles.
• Excellent leadership, communication, and interpersonal skills, with the ability to influence stakeholders at all levels.
• Strong analytical and problem-solving abilities, capable of strategic thinking.
• Experience in the financial services sector is a significant advantage.
• Ability to manage complex projects and multiple priorities effectively.

• Monitor security information and event management (SIEM) systems for potential security incidents, alerts, and anomalies.
• Conduct initial triage and investigation of security alerts, determining their nature, scope, and potential impact.
• Respond promptly to security incidents, following established incident response procedures, and coordinating with relevant teams for resolution.
• Perform vulnerability assessments and penetration testing on systems, networks, and applications to identify weaknesses and recommend remediation strategies.
• Assist in the development, implementation, and enforcement of information security policies, procedures, and guidelines.
• Conduct security awareness training for employees to promote best practices and mitigate human-related risks.
• Ensure compliance with relevant industry standards (e.g., ISO 27001, NIST) and data protection regulations (e.g., GDPR, local privacy laws).
• Manage and maintain security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus, and endpoint detection and response (EDR).
• Contribute to risk assessments and provide recommendations for enhancing the overall security posture.
• Prepare detailed reports on security incidents, vulnerabilities, and overall security performance for management.
• Stay updated on the latest cybersecurity threats, attack vectors, and defense mechanisms.
• Collaborate with IT operations, network engineers, and development teams to implement security controls and solutions.
• Participate in security audits and provide necessary documentation and support.
• Develop and maintain security documentation, including incident response playbooks and security configurations.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3-5 years of experience in an information security role.
• Strong understanding of network protocols, operating systems (Windows, Linux), and cloud environments (AWS, Azure, GCP).
• Experience with SIEM tools, vulnerability scanners, and other security technologies.
• Knowledge of incident response procedures, threat intelligence, and forensics.
• Relevant security certifications (e.g., CompTIA Security+, CEH, CySA+, GSEC) are highly desirable.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills in English; Arabic is a plus.
• Ability to work under pressure and respond effectively to security incidents.
• High level of integrity, ethical conduct, and attention to detail.
• Familiarity with scripting languages (e.g., Python, PowerShell) for automation is a plus.