91 Threat Modeling jobs in Bahrain
Information Security Specialist
Posted 4 days ago
Job Viewed
Job Description
The Information Security Specialist supports the Head of Information Security and Business Continuity in safeguarding the bank’s critical information assets and ensuring the resilience of its operations. This role is responsible for implementing and maintaining comprehensive information security measures, business continuity plans, and disaster recovery strategies that protect the bank’s systems, data, and services from cybersecurity threats and operational disruptions.
The Specialist will contribute to the bank's proactive risk management approach by identifying vulnerabilities, responding to incidents, ensuring regulatory compliance, and leading initiatives to enhance business continuity. In addition, this role involves coordinating BCP and DR activities, conducting regular testing, and ensuring the organization’s preparedness for crises or emergencies.
Reporting directly to the Head of Information Security and Business Continuity, the Specialist will collaborate closely with IT and other departments and business units to integrate security and business continuity frameworks into the bank’s operational processes, supporting a secure and resilient environment that enables the bank to achieve its strategic objectives.
Responsibilities of the role:
Information Security:
- Develop, implement, and maintain information security policies, procedures, and standards in alignment with PCI-DSS and regulatory requirements.
- Monitor, analyze, and respond to security incidents, vulnerabilities, and threats across the bank’s IT systems and networks
- Conduct periodic risk assessments and gap analyses to identify security weaknesses and develop mitigation strategies
- Coordinate internal and external audits related to information security; ensure timely closure of audit findings
- Provide security awareness training to staff and promote a culture of information security
- Support secure configuration and change management processes across IT assets and infrastructure
- Work with IT and other departments to ensure security is embedded into system design and operational processes
- Stay up to date with current cyber threats and trends, and recommend appropriate risk mitigation measures
Business Continuity:
- Develop and maintain the bank’s business continuity management frameworks in line with the bank’s and regulatory guidelines
- Conduct business impact analyses (BIAs) and risk assessments across business units to identify critical functions and recovery priorities
- Lead the development, testing, and continuous improvement of BCP and DR plans to ensure organizational resilience.
- Coordinate with IT, facilities, and business teams to ensure recovery strategies are effective and practical.
- Conduct regular BCP/DR drills and exercises, and report findings with actionable recommendations.
- Liaise with regulatory bodies, auditors, and stakeholders to ensure compliance and readiness.
- Maintain documentation and evidence of BCM program activities and test results.
Areas of Knowledge, Qualification and Experience
- Atleast 5 years of experience working within a Banking Environment
- Bachelors Degree in Computer Science / Cyber Security background.
- Relevant certifications from ISC2, ISACA, SANS are highly preferred
- In-depth understanding of global information security standards (e.g., ISO 27001, NIST Cybersecurity Framework, CIS Controls) and regulatory requirements (e.g., CBB, PCI-DSS). Ability to implement and manage these frameworks within a banking context.
INFORMATION SECURITY OFFICER
Posted 7 days ago
Job Viewed
Job Description
This role will be responsible for handling the implementation and maintenance of GFG and subsidiaries Information Security Management System in accordance with local laws, regulations and best practices.
KEY ACCOUNTABILITIES- Support Head Information Security in defining and implementation of information security governance documentation including policies, manual, SOPs and guidelines.
- Support Head Information Security in conducting Risk-based Assessment of Information Security policies and operating procedures owned by other departments within the group against industry-recognized security standards and best practices, ensuring adequate preventive, detective and corrective controls to provide data integrity, confidentiality and availability.
- Support Head Information Security in conducting analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.
- Support Head Information Security in conducting on annual basis and continuous basis Information Security Risk Assessment, identify business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
- Develop and maintain information register and ensure that the information is classified by data owners and protected in accordance with the information classification framework.
- Conducting awareness sessions to the new and existing employees on information security policies and global trends as per the awareness program.
- Support in defining information security requirements in information systems, projects and third parties in cooperation with the delivery departments i.e. ICT, and FM.
- Support in conducting incident investigation for information security incidents and ensuring that the necessary actions and disciplinary actions are taken.
- Support in defining information security requirements to be included in ICT Disaster recovery plans to ensure continuity of information security controls during disasters.
- Support in conducting internal and external audits to ensure that BAC Information Security Management system complies with best practices and local regulations.
- Improve the maturity of the information security management system through suggesting and supporting in the implementation of technologies such as DLP solutions, GRC solutions etc.
Bachelor’s degree in information technology.
Certified Information Security Auditor (CISA) (Preferred)
MINIMUM EXPERIENCE3+ years of Information Security experience
JOB SPECIFIC SKILLS- Proven ability to establish and manage “dotted-line” business relationships to deliver agreed outcomes/deliverables.
- Ability to work effectively with all levels of personnel across the organization.
- Proven ability to communicate clearly and appropriately based on audience with excellent facilitation and customer service skills.
- Excellent written and verbal communications, critical thinking skills, effective interpersonal skills, strong formal presentation abilities.
- Ability to be flexible and work effectively with ambiguity and change.
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Manager
Posted today
Job Viewed
Job Description
Key Responsibilities:
- Develop and execute a robust information security strategy aligned with business objectives.
- Oversee the implementation and maintenance of security controls and technologies.
- Manage risk assessment processes, identifying and prioritizing security vulnerabilities.
- Lead the incident response team, coordinating efforts during security breaches and cyber-attacks.
- Ensure compliance with relevant data protection regulations and industry standards (e.g., ISO 27001, GDPR).
- Develop and deliver security awareness training programs for all employees.
- Manage security policies, procedures, and guidelines.
- Conduct regular security audits and penetration testing.
- Evaluate and recommend new security technologies and solutions.
- Collaborate with IT and other departments to integrate security into all business processes.
- Manage security budgets and vendor relationships.
- Provide leadership and mentorship to the information security team.
The ideal candidate will possess a Bachelor's degree in Computer Science, Information Technology, or a related field, with advanced certifications such as CISSP, CISM, or CISA being highly desirable. A minimum of 8 years of experience in information security, with at least 3 years in a management or leadership role, is required. Proven expertise in cybersecurity frameworks, risk management, incident response, and security architecture is essential. Strong understanding of network security, cloud security, and data privacy principles is mandatory. Excellent leadership, communication, and strategic planning skills are crucial for success in this role. This is a vital position for safeguarding the organization's digital assets.
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Architect
Posted today
Job Viewed
Job Description
Key Responsibilities:
- Design, develop, and maintain enterprise-wide information security architecture and strategy.
- Evaluate and select security technologies and solutions, ensuring their integration into the existing IT infrastructure.
- Develop and enforce security policies, standards, and procedures across the organization.
- Conduct security risk assessments and vulnerability analyses, identifying potential threats and recommending mitigation strategies.
- Design and implement security controls for networks, applications, data, and cloud environments.
- Lead the development of security architecture reviews and provide recommendations for improvement.
- Collaborate with IT teams, business units, and external stakeholders to integrate security into all aspects of the business.
- Develop incident response plans and lead security breach investigations.
- Stay current with emerging security threats, technologies, and regulatory requirements.
- Provide technical guidance and mentorship to security analysts and engineers.
- Ensure compliance with relevant data privacy and security regulations.
- Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 8 years of progressive experience in information security, with at least 3 years in a security architecture role.
- Extensive knowledge of security frameworks (e.g., NIST, ISO 27001), risk management, and security best practices.
- Proven experience in designing and implementing security solutions for cloud environments (AWS, Azure, GCP).
- Proficiency in network security, endpoint security, identity and access management (IAM), and cryptography.
- Experience with security assessment tools and techniques.
- Strong understanding of application security and secure coding practices.
- Excellent analytical, problem-solving, and strategic thinking skills.
- Exceptional communication and presentation skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.
- Relevant security certifications such as CISSP, CISM, or SABSA are highly preferred.
Be The First To Know
About the latest Threat modeling Jobs in Bahrain !
Information Security Analyst
Posted today
Job Viewed
Job Description
The ideal candidate will have a solid understanding of cybersecurity principles, network security, and various security technologies. You will be involved in conducting risk assessments, developing security policies, and educating staff on security awareness. This position requires strong analytical skills, a detail-oriented approach, and the ability to work under pressure in a rapidly evolving threat landscape. Excellent communication skills are needed to collaborate with IT teams and management.
Key responsibilities include:
- Monitoring security alerts and events from various security tools (SIEM, IDS/IPS, firewalls).
- Investigating and responding to security incidents, including malware outbreaks and unauthorized access attempts.
- Conducting vulnerability assessments and penetration testing.
- Developing and implementing security policies, procedures, and guidelines.
- Assisting in the design and maintenance of security infrastructure, such as firewalls, VPNs, and intrusion detection systems.
- Performing security awareness training for employees.
- Staying current with emerging threats, vulnerabilities, and security technologies.
- Analyzing security logs and recommending improvements to security controls.
- Participating in security audits and compliance activities.
- Developing and maintaining incident response plans and disaster recovery strategies.
A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required. Professional certifications such as CISSP, CompTIA Security+, or CEH are highly desirable. A minimum of 4 years of experience in information security or a closely related field is necessary. Proficiency with security tools and technologies is essential. Strong knowledge of networking protocols, operating systems (Windows, Linux), and cloud security principles is required. Excellent analytical, problem-solving, and communication skills are mandatory. The ability to work independently and collaboratively within a team is important. This is an excellent opportunity for a cybersecurity professional to contribute to safeguarding critical information assets in Tubli, Capital, BH .
Information Security Analyst
Posted today
Job Viewed
Job Description
Information Security Analyst
Posted today
Job Viewed
Job Description
Responsibilities:
- Monitor and analyze security logs and network traffic for suspicious activities and potential threats.
- Implement and manage security solutions, including firewalls, intrusion detection/prevention systems, and endpoint protection.
- Conduct regular vulnerability assessments and penetration testing to identify security weaknesses.
- Develop and maintain security policies, procedures, and standards in accordance with best practices and regulatory requirements.
- Respond to security incidents, including investigation, containment, eradication, and recovery.
- Provide security awareness training to employees and promote a security-conscious culture.
- Stay updated on the latest cybersecurity threats, trends, and technologies.
- Assist in the development and maintenance of disaster recovery and business continuity plans.
- Conduct security audits and ensure compliance with relevant security frameworks (e.g., ISO 27001, NIST).
- Collaborate with IT teams to ensure security is integrated into system design and implementation.
- Manage security documentation and incident reports.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 3 years of experience in information security, cybersecurity operations, or a related IT security role.
- Strong understanding of cybersecurity principles, including network security, cryptography, and risk management.
- Experience with security tools such as SIEM, vulnerability scanners, and firewalls.
- Knowledge of common cyber threats, attack vectors, and mitigation techniques.
- Excellent analytical, problem-solving, and critical thinking skills.
- Strong communication and documentation skills.
- Relevant certifications such as CompTIA Security+, CEH, or CISSP are highly desirable.
- Ability to work effectively both independently and as part of a team.
- Familiarity with Bahamian data protection regulations is a plus.