Information Security Specialist jobs in United Arab Emirates

General Purpose

The Security Engineer is responsible for IT security systems and functions within the IT division. He/she works within established IT policies, procedures, standards and guidelines to ensure that IT divisional systems and services address security threats, risks, and attacks directed toward Wynn al Marjan Island business operations, staff, customers, and business partners. He/she also troubleshoots issues related to Information Security for data, information, systems, network, applications, database, and end-devices. Further, he/she helps lead and mentor the other members of the Information Security team to advance knowledge and understanding throughout the department. The Security Engineer contributes to the planning and implementation of enterprise IT security initiatives and assists in planning defenses against security breaches and vulnerability issues. The role is essential for delivering security projects to ensure Wynn al Marjan Island maintains a proper security posture

Nature & Scope

Essential Duties & Tasks

• Serve as a lead technical role in the Information Security team under the Information Technology Division
• Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
• Act as a technical Subject Matter Expert (SME) on information security system development and best practices
• Leads the deployment, integration and initial configuration of new security solutions and enhancements to existing security solutions in accordance with the best standard operating procedures and the enterprise's security documents
• Assists with risk assessment activities, including analyzing the results of audits to produce recommendations of acceptable risk and risk mitigation strategies
• Collaborate with other Information Security and Information Technology staff to develop remediation plans addressing identified vulnerabilities
• Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle
• Leads the definition of security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
• Implements and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment
• Deploys, tunes and runs vulnerability-scanning and penetration-testing tools
• Assists in the development of security architecture and security policies, principles and standards
• Research evaluates, tests and recommends the implementation of new or updated information security technologies
• Monitors daily or weekly reports and security logs for unusual events and trends
• Provides second and third-level support and analysis during and after a security incident
• Maintain awareness of industry trends, security news, and best practices
• Participates in security investigations and compliance reviews, as requested by internal or external auditors
  
  

• Bachelor’s degree in Computer science, Information Technology, or a related field (or 4 years equivalent work experience)
• Proficiency in English is required
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
• Excellent written and oral communication and presentation skills for leadership, technical and business audiences
• Poise and ability to act calmly and competently in high-pressure, high-stress situations
• Must be a critical thinker, with strong problem-solving skills
• Detail oriented, self-motivated and disciplined, with excellent time management skills
• Experience with threat analysis and event tuning
• Excellent technical knowledge of security systems including firewalls, intrusion detection systems, cryptography, systems, and anti-virus software
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, etc
• Windows (desktop and server), OS X, and Linux, at a hardening and configuration management level
• Specific knowledge of authentications technologies such as AD, NIS, Duo Security, LDAP, RADIUS, TACACS+, 802.1x,
• NAC, Microsoft Certificate Services, and PKI in general
• Experience with penetration and vulnerability testing techniques and fixtures
• Strong consideration given for CISSP or SANS certification, specifically with one or more of the following certifications:
• Microsoft Certified Systems Engineer: Security
• (ISC)2 SCCP (Systems Security Certified Practitioner)
• (ISC)2 CISSP (Certified Information Systems Security Professional)
• (ISC)2 ISSAP (Information Systems Security Architecture Professional)