2 224 Senior Security Consultant jobs in Bahrain

• Monitor security systems and analyze security alerts to detect and respond to threats.
• Conduct vulnerability assessments and penetration testing.
• Develop, implement, and maintain security policies and procedures.
• Lead incident response activities and conduct post-incident analysis.
• Perform security audits and ensure compliance with relevant regulations.
• Research and stay updated on emerging cybersecurity threats and vulnerabilities.
• Provide security awareness training to employees.
• Collaborate with IT teams to implement security solutions and best practices.
• Manage security tools and technologies, ensuring their effectiveness.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in information security, cybersecurity operations, or a related role.
• Proven experience in incident response, threat analysis, and vulnerability management.
• Strong understanding of network security, cryptography, and security frameworks (e.g., ISO 27001, NIST).
• Proficiency with security tools such as SIEM, IDS/IPS, firewalls, and endpoint detection and response (EDR).
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CISSP, CEH, or CISM are highly desirable.
• Ability to work effectively in a hybrid environment and manage multiple priorities.

This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.

1. Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
2. Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
3. Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
4. Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
5. Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
6. Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
7. Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
8. Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
9. Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
10. Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
11. Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.

Bachelor’s degree in information technology.

Certified Information Security Auditor (CISA) (Preferred)

3+ years of Information Security experience

1. Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
2. Ability to work effectively with all levels of personnel across the organization.
3. Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
4. Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
5. Ability to be flexible and work effectively with ambiguity and change.

• Design, implement, and maintain enterprise-wide security architecture.
• Develop and enforce security policies, standards, and guidelines.
• Evaluate and recommend new security technologies and solutions.
• Conduct security risk assessments and develop mitigation strategies.
• Collaborate with IT and development teams to ensure security is integrated into systems and applications.
• Develop security roadmaps and strategic plans.
• Oversee the implementation of security controls, including firewalls, IDS/IPS, SIEM, and endpoint protection.
• Provide technical leadership and guidance on security matters.
• Monitor security trends and threats to proactively adapt defenses.
• Ensure compliance with relevant security regulations and standards.

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's preferred.
• 10+ years of experience in information security, with at least 5 years in a security architecture role.
• Strong knowledge of network security, cloud security, application security, and data privacy.
• Experience with security frameworks such as NIST, ISO 27001.
• Proficiency in security assessment tools and techniques.
• Excellent understanding of cryptography, authentication, and authorization protocols.
• Strong analytical, problem-solving, and communication skills.
• Experience with scripting and automation for security tasks.
• Relevant security certifications (e.g., CISSP, CISM, TOGAF).

• Monitoring security alerts and events to detect and respond to potential threats.
• Analyzing security vulnerabilities and recommending remediation strategies.
• Implementing and managing security tools and technologies, such as firewalls, intrusion detection systems, and SIEM solutions.
• Conducting regular security assessments and penetration testing.
• Developing and updating security policies, procedures, and guidelines.
• Investigating security incidents and providing detailed post-incident reports.
• Collaborating with IT teams to ensure secure system configurations and deployment.
• Educating users on security best practices and raising awareness of potential risks.
• Staying informed about the latest cybersecurity threats, trends, and technologies.
• Contributing to the development and maintenance of the organization's security architecture.
• Ensuring compliance with relevant data protection regulations and standards.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 3 years of experience in information security roles.
• Proven experience with security monitoring tools and incident response.
• Strong understanding of network security, cloud security, and endpoint security.
• Knowledge of common security frameworks (e.g., NIST, ISO 27001).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts clearly.
• Relevant security certifications (e.g., CISSP, CompTIA Security+) are highly desirable.
• Ability to work independently and as part of a distributed team in a remote environment.

• Develop, implement, and maintain the organization's information security program, policies, and procedures.
• Oversee the security operations center (SOC) and manage security monitoring, threat detection, and incident response activities.
• Conduct regular risk assessments and vulnerability analyses to identify and mitigate security threats.
• Manage the deployment and maintenance of security technologies, including firewalls, IDS/IPS, SIEM, EDR, and data loss prevention (DLP) solutions.
• Ensure compliance with relevant industry standards (e.g., ISO 27001, NIST) and regulatory requirements (e.g., GDPR).
• Develop and deliver security awareness training programs for all employees.
• Lead and mentor a team of information security professionals, fostering their professional development.
• Collaborate with IT, legal, and business units to integrate security into all aspects of the organization's operations.
• Manage security budgets and vendor relationships.
• Develop and regularly test the organization's business continuity and disaster recovery plans.
• Stay abreast of evolving cybersecurity threats, trends, and technologies.
• Act as a subject matter expert on information security matters for the organization.

• Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field; Master's degree is preferred.
• Minimum of 7 years of progressive experience in information security, with at least 3 years in a management or leadership role.
• In-depth knowledge of cybersecurity frameworks, best practices, and threat landscapes.
• Proven experience in developing and implementing security policies, procedures, and controls.
• Hands-on experience with various security technologies and tools (SIEM, firewalls, IDS/IPS, vulnerability scanners).
• Strong understanding of network security, application security, cloud security, and data protection.
• Excellent leadership, team management, communication, and interpersonal skills.
• Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
• Ability to develop and execute strategic security plans.
• Strong analytical and problem-solving abilities.

• Monitor security alerts and events from various security systems (SIEM, IDS/IPS, firewalls, etc.).
• Conduct vulnerability assessments and penetration testing to identify weaknesses.
• Investigate and respond to security incidents, including analyzing the scope, impact, and root cause.
• Develop and implement security policies, procedures, and best practices.
• Configure and maintain security tools and technologies.
• Provide recommendations for security enhancements and architectural improvements.
• Assist in developing and delivering security awareness training to employees.
• Stay current with emerging security threats, vulnerabilities, and technologies.
• Collaborate with IT teams to ensure security is integrated into system design and deployment.
• Document security incidents, investigations, and remediation efforts.
• Ensure compliance with relevant data protection regulations and standards.
• Participate in security audits and reviews.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 2-4 years of experience in information security, cybersecurity operations, or a related role.
• Strong understanding of network protocols, operating systems (Windows, Linux), and cybersecurity concepts.
• Experience with security tools such as SIEM, firewalls, IDS/IPS, and endpoint protection.
• Knowledge of incident response frameworks and methodologies.
• Relevant certifications such as CompTIA Security+, CEH, or GIAC are a plus.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting abilities.
• Ability to work effectively both independently and as part of a team.
• Proactive approach to identifying and mitigating security risks.