cybersecurity

The Security Subject Matter Expert will be responsible for designing implementing and managing secure designs/solutions and protocols across our infrastructure and leading MasrPay security compliance program. This includes leveraging security tools such as IPS/IDS SIEM FIM and WAF solutions as well as establishing encryption and data protection practices following PCI DSS requirements and relevant regulations like GDPR and security standards and frameworks like ISO27000 NIST800 and CSF. The role requires close collaboration with application development and DevOps security and network teams to ensure that security is integrated into every phase of the development lifecycle.

Responsibilities:

1. Develop implement and maintain secure design/solutions and protocols to protect sensitive data and applications.
   
2. Strong knowledge and handson skills with IPS/IDS SIEM FIM FWs and WAF.
   
3. Conduct security assessments vulnerability analysis and penetration testing to identify risks.
   
4. Collaborate with developers to integrate security best practices into the development and deployment processes.
   
5. Ensure compliance with industry standards such as PCIDSS and any other relevant regulations will be an added asset. e.g. GDPR ISO27001.
   
6. Manage encryption and data protection strategies across all tiers.
   
7. Respond to and investigate security incidents providing root cause analysis remediation and mitigation strategies.
   
8. Stay uptodate with the latest security trends vulnerabilities and regulatory requirements.
   

Requirements

• Bachelor s degree in Cybersecurity Computer Science Information Technology or related field.
  
• 5 years of experience in cybersecurity and security compliance requirement such as PCIDSS preferably within fintech or financial industries.
  
• Strong knowledge of security solutions including IPS/IDS SIEM FIM FW WAF and encryption techniques.
  
• Experience with security assessment tools and methodologies including vulnerability scanning and penetration testing.
  
• String knowledge with SDLC CI/CD pipelines DevOps and DevSecOps practices.
  

Preferred Skills:

• Relevant certifications (e.g. CISSP CEH CISM or GIAC).
  
• Familiarity with compliance requirements such as PCIDSS SOC2 and GDPR.
  
• Knowledge of Kubernetes Docker and cloud security best practices.
  
• Experience with Unix platforms Kafka Keycloak and data encryption in distributed systems.
  
• Strong analytical and problemsolving skills for incident response and forensic analysis.