Cyber Security Engineer / Architect
  • United Arab Emirates Dubai
  • Frontline Performance Group
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

WHO WE ARE
Here at FPG we believe in the potential of people. We transform front desk operations into profit centers for the leading hospitality brands worldwide by elevating the performance of their frontline agents, while enhancing guest satisfaction, through our proprietary software IN-Gauge.

WHO YOU ARE
You are an experienced Cyber Security Engineer/Architect with 5+ years of cyber security experience, including experience with log and alert analysis that support incident investigations and network troubleshooting. You have advanced certifications, such as CISSP, SSCP, CISA, CASP, CCNP Security. You have experience in strategic planning and risk modeling to address business risk and compliance, as well as IS governance, risk, domestic and international compliance program, and process development. You have a deep understanding of the tools, techniques, threat landscape, and technical controls required to mitigate a broad variety of cyber threats, and experience with Security Program framework and Model design and development.

WHAT YOU WILL DO
You will take ownership of customer Risk Assessment Standards and compliance to effectively support the launch of IN-Gauge. You will be responsible to document and design set of InfoSec standards supporting current assessment and continuous InfoSec roadmap. You will provide continuous security recommendations to the PE teams.

HOW YOU WILL DO IT

Customer Ownership

To meet contract standard deadlines to support the launch of ING in successfully completing customer.
Efficient and responsive Risk Assessment communication to include teams/zoom calls/email with customer throughout the globe.
Completion of Risk, compliance, security assessments and auditing (including Vendor/third party, IT Audit and Application)
To act a pivotal internal tech lead collaboration with infrastructure and architecture when required to support continuous compliance.
To design, document and continuously update a set of polices, standards and required certificates to support customer RA compliance.
To work with development and infrastructure team to ensure monthly compliance.
To review current polices and update to meeting standards and guidelines.

What you should expect in this role

Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of ING and our enterprise. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, and periodic audits.
Experience with the Risk Management Framework process and creating and managing Plan of Action and Milestones
Engage third-party risk assessment providers to conduct penetration testing, simulating an attack on the systems and network infrastructure to find exploitable weaknesses and provides recommendations related to findings
Reviews and recommends security configuration and policies for firewalls, VPN systems, routers, email protection, Endpoint Detection & Response (EDR), IDS scanning technologies and servers.
Experience with Security Technical Implementation Guides
Experience with security systems, including firewalls, intrusion detection systems, anti-virus software, authentications systems, log management, and content filtering.
Perform regular security assessments and control verification for applications requesting permission to deploy Production changes.
Analyze internal application/system controls, documentation, and settings to identify information security risks to ING.
Lead the adoption and integration efforts for new controls into the software.
Evaluate Architecture Design requirements against the applicable security control requirements and identify gaps and remediation options. Document findings lifecycle workflow and approval process.
Supervise the work of the infrastructure teams.
Working in a Security Monitoring/Security Operations Center environment (SOC)
Drive strategy for security awareness management and identify opportunities to improve visibility and sophistication of response capability.
Lead incident response, including steps to minimize the impact and participate with Manage Detection and Response (MDR) partner in conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
Protects system by defining access privileges, control structures, and resources.
Develop and provide leadership to a SecOps team across U.S. and India.
Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
Determines security violations and inefficiencies by conducting periodic audits.
Upgrades system by implementing and maintaining security controls.
Keeps users informed by preparing performance reports and communicating system status.
Maintains quality service by following organization standards.

What will you oversee

Change control compliance.
Initial Vulnerability Assessment and Triage
Immediate Remediation Activities
Interim Governance Model
Vulnerability Management Procedures
Change Control Procedures
Metrics and Reporting Requirements
Application Security Testing


DESIRED SKILLS AND EXPERIENCE

5+ years of cyber security experience, including experience with log and alert analysis that support incident investigations and network troubleshooting
A bachelor’s degree (preferred). In lieu of degree, advanced certifications, such as CISSP, SSCP, CISA, CASP, CCNP Security. An Ideal candidate has both a bachelor's degree and advanced certification
Strategic planning and risk modeling to address business risk and compliance
IS governance, risk, domestic and international compliance program, and process development
Security Program framework and Model design and development
Demonstrates deep understanding of the tools, techniques, threat landscape, and technical controls required to mitigate a broad variety of cyber threats.
Strong analytical and creative problem-solving skills
Priority and task management
Strong interpersonal skills to interact with customers and team members.
Strong communication skills to interact with team members and support personnel
Excellent leadership skills


COMPENSATION AND BENEFITS
We offer a competitive compensation and full range of benefits to all regular, full-time employees and their qualified dependents as outlined below.

Compensation: base salary starting at AED 15,000 negotiable based on experience, education and relevant certifications. Monthly incentives based on performance, eligibility starting after 3 months of employment.

Benefits effective date 1st day of the month following date of hire:

Employer health plans (Medical insurance including Dental)
30 days holiday and annual holiday closure
Parental Leave (Maternity & Paternity)
Employment Visa


Quick response

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0028   Knowledge of organization's evaluation and validation requirements.
  • K0035   Knowledge of installation, integration, and optimization of system components.
  • K0075   Knowledge of security system design tools, methods, and techniques.
  • K0082   Knowledge of software engineering.
  • K0091   Knowledge of systems testing and evaluation methods.
  • K0102   Knowledge of the systems engineering process.
  • K0170   Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0286   Knowledge of N-tiered typologies (e.g. including server and client operating systems).
  • K0299   Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0202   Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Required Skills
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.

Required Abilities
  • A0148  Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls.