Information Security Manager PayTabs Information Security Manager

• Develop, maintain and implement information security policies, procedures, controls and guidelines.
• Monitor and manage security infrastructure such as firewalls, IDS / IPS, and system logs.
• Perform regular health monitoring, upgrades and maintenance.
• Manage real time security threats & incidents to identify and quarantine threats.
• Assist in process, assessment and implementation of annual PCI DSS certification.
• Coordinate and Conduct periodic Vulnerability and Penetration Testing exercises.
• Co-ordinate with other departments and address their requirements regarding security compliance.
• Provide security awareness & secure code training.
• Recommend and ensure the implementation of defensive functions (e.g., encryption, access control, and identity management) to reduce systems exploitation opportunities.
• Provide recommendations for security gaps mitigation.
• Productively evaluate and recommend new security technologies that can enhance company information security.
• Manage incident response (IT / Information Security) and support systems.
• Review infrastructure technology vendor contracts and risk assessment.
• Monitor & review firewall rules and configuration.
• Respond to security breaches and network emergencies as necessary.
• Document all support and maintenance activities in accordance with internal policies.
• Responsible for maintaining and updating the Information Security Risk Register.
• Assist in the development, testing, and maintenance of the organization’s business continuity and disaster recovery plans from a security perspective
• Conduct security due diligence on third-party vendors and partners; evaluate contractual terms and SLAs to ensure security requirements are met.
• Strong knowledge in penetration testing & Vulnerability assessment, using industry-standard tools and methodologies.
• Have good experience in programming / scripting language at least in of the following : PHP, JAVA, or Go.
• Have good experience in bash scripting.
• Have good experience in code review with ability to identify and remediate code-level vulnerabilities.
• Implementation experience with security solutions such as : WAF, IPS, SIEM, LDP.
• Good knowledge of the top 10 OWASP application security risks and mitigation techniques.
• Good knowledge of PCI DSS standard and experience participating in audits and remediation processes.
• Haveknowledge of mobile applications security assessment.
• Strong knowledge of internet standards and protocols including TCP / IP.
• Strong skills in information security governance, including policy development, procedure writing, and risk documentation.

Preferred Education and Experience

• Bachelor’s degree in computer science or equivalent.
• At least +5 years of experience in information security / security engineeringor similar roles.
• Security Certificate in security field such as (CISSP, CISM, OSCP, CEH – Security+,CCNA) is a plus.
• Previous experience working in a payment gateway of banking facility is a plus.

J-18808-Ljbffr

Security Manager • Dubai, Dubai, United Arab Emirates