Security Engineer – Data & Analytics
Salary: As Per Market Standards
Experience: 0-3 Years
Joining Date: ASAP
Job Location: Dubai – UAE
Industry Type: IT
Function: Security
Reporting To: Manager
Job Type: Full Time
Job Description
Department
The unit’s primary purpose is to assess and evaluate security risks, embed information security principles/patterns/controls into all products and platforms, and advise the team on mitigating the risks identified by security assessments.
Job Role:
Primary/General Job Purpose:
Encourage ‘Shift Left’ Mindset – Proactively embed security requirements, by influencing implementation of security & privacy patterns from the start of the development cycle
Secondary/Specific Job Purpose:
You will perform security assessments as per security controls for the Data Domain, which includes Big Data Platforms, Data Warehouses, Streaming Technologies, and Reporting Engines (for example: Hadoop, HANA, Power BI, etc.).
You will be required to come up with innovative methods to meet demand from the Technology Platform – Data and Advance Analytics domain to ensure security and privacy controls become part of the automated platform that they will build to serve the entire Group IT. This would include migration to new age technologies from Legacy components as part of the bank’s vision for Digital Transformation.
You will deal with largely hybrid platforms and will therefore need solid hands-on experience understanding and implementing security requirements for big data technologies that use performant archival and real-time data ingestion mechanisms, extract-transform-load (ETL) processing, and diligent design patterns for data delivery to business/internal or customer/external requirements. You will also work on Zero Trust Architectures that secure access to customer data, embedding Privacy and Security by Design with controls such as those defined under GDPR, PCI, and other applicable regulatory/compliance standards.
You would be required to come up with solutions to secure off-the-shelf and open-source products integrated into a banking environment, with a data-security-centric focus, and advise the teams on security vulnerabilities in open-source technologies such as PySpark, pandas, NumPy, etc.
You are required to know and understand implementation of data platforms and streaming engines deployed on Kubernetes or similar orchestration environments.
You would be required to design security solutions for encryption, anonymization, data integrity, and policy control features in large-scale infrastructures, supporting response to data security incidents and audit programs for technology-based controls.
You will influence the implementation of security controls & patterns for the technology platform product using a mix of your superior technical, security, people, process & persuasion skills while ensuring high customer service ratings and adequate stakeholder, expectation, and perception management.
You should be comfortable creating Python scripts and have in-depth knowledge of Python and R.
You should be familiar with Anaconda and other Python IDEs.
You should be familiar with concepts related to data modelling, machine learning, and statistical analysis.
You would be required to translate technical vulnerabilities into business risks and explain the impact of these vulnerabilities in business-friendly language, along with organization-specific controls.
Perform security reviews for data platforms, such as data reviews, ETL reviews, etc., and advise the team on masking requirements as per data standards such as PCI-DSS and the bank’s data privacy control guidelines.
Review access controls implemented on Hadoop data platforms and perform security reviews periodically.
Use a ‘Data Centric Security Approach’ to accurately ascertain Asset Criticality for business products and/or technology assets by using a defined process
Conduct Data / Asset Classification & arrive at overall Asset Criticality by liaising with business & technology stakeholders and oversight functions
Review data access requirements from data engineers within your squads, analyse them, and advise the GISO and RISK team.
Participate in the creation of new security patterns (where non-existent)
Ensure inclusion of security requirements/patterns and non-negotiables in the High-Level Design (HLD) document
Attend relevant Agile ceremonies to ensure inclusion & execution of Evil Stories/Misuse Cases as part of secure development
Research and propose practical solutions, whether open-source, enterprise, or self-developed (e.g. via scripting), that will help implement the defined security pattern
Ensure inclusion of relevant regulatory requirements into patterns with the help of the Business Information Security Office (BISO)
Qualifications / Desired Profile
Education
Bachelor’s degree in a computer-related field such as computer science, cyber/information security discipline, physics, mathematics or similar
Certification
General Information Security: CISSP, CISM/CISA, OSCP, OSCE or similar
Specific Security Related Certifications: SAP Certified Technology Professional – System Security Architect, CCA HDP Administrator Exam or similar
Tools
Specific Data Platforms & Security: Hadoop, SAP HANA, Microsoft BI, Cognos, QlikView, Sybase or similar.
Tools: Ranger, Trino, Knox, Atlas, Spark, Flume, Pig, Ignite, Anaconda, Jupyter Notebook, PySpark, Neo4j, RStudio and similar
Specific Streaming Platforms: Kafka, Flink, Beam, MirrorMaker or similar.