Information Security Manager

Job Location

Jeddah - Saudi Arabia

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

  • The responsibility of this role is to oversee and ensure the establishment of a cybersecurity and IT risk management program across the client and to act as the focal point for cybersecurity and IT risk governance activities.
  • Responsible for the design, management and review of Client’s cybersecurity and IT risk management policies, standards and baselines to ensure secure operation of Client information & systems.
  • Conduct both network and user activity audits where required to determine security needs.
  • Provide guidance and required training on matters relating to cybersecurity, ensuring the implementation of necessary actions to adhere to applicable laws/regulations, standards and guidelines.

Responsibilities -


Network Administration and Security
Manage protection of information systems, the detection of threats to Client's systems, and the response to detected threats and cyber-attacks.
Safeguards information system assets by identifying and solving potential and actual security problems.
Protects system by defining access privileges, control structures and resources.
Recognizes problems by identifying abnormalities and reporting violations.
Implements security improvements by assessing the current situation, evaluating trends and anticipating requirements.
Determines security violations and inefficiencies by conducting periodic audits.
Upgrades the system by implementing and maintaining security controls.
Keeps users informed by preparing performance reports and communicating system status.
Maintains quality service by following organization standards.
Maintains technical knowledge by attending/coaching educational workshops and reviewing publications.
Contributes to team effort by accomplishing related results as needed.


Performance Monitoring-
Manage and troubleshoot network systems issues and submit recommendations for improvements in network operation and management.
Plan for disaster recovery and create contingency plans in the event of any security breaches.
Engage in and manage 'ethical hacking', for example simulating security breaches.
Identify potential weaknesses and implement measures such as firewalls and encryption.


Vendor Management-
Coordinate with vendors to expedite the resolution of problems.
Evaluate vendor solutions to ensure compliance with requirements and cost effectiveness.


Service Management-
Act as an escalation point for all requests and incidents related to the network.
Follow up on issues and provide subject matter expertise support for diagnosing and resolving problems.
Prepare technical and procedural documentation of network infrastructure.
Conduct root cause analysis for assigned incidents and recommend software or hardware changes to rectify problems.


Firewall Management (On-Premise and Cloud)-
• Oversee configuration, monitoring and maintenance of on-premises and cloud-based firewalls, ensuring they are optimized to prevent unauthorized access and detect potential threats.
• Define and implement firewall rules and policies, including access controls, to secure network traffic according to organizational and compliance standards.
• Conduct regular audits and vulnerability assessments on firewalls to identify and mitigate any potential security weaknesses.
• Collaborate with network and system teams to troubleshoot and resolve firewall-related issues while minimizing downtime and disruption.

Cloud Security Management (Defender for Cloud)-
• Configure, manage and optimize Microsoft Defender for Cloud settings to enhance security posture across cloud resources, including VMs, databases and storage accounts.
• Develop and enforce security policies within Defender for Cloud to monitor and mitigate risks associated with cloud infrastructure, applications and data.
• Utilize threat intelligence, alerting and automation features within Defender for Cloud to detect and respond to security incidents.
• Implement security best practices for cloud platforms, including Identity and Access Management (IAM), encryption and secure configuration.


Network Security-
• Design, implement and maintain secure network architecture incorporating firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs and network segmentation strategies.
• Conduct network traffic analysis and continuous monitoring to identify anomalies or suspicious activities that may indicate potential security threats.
• Work closely with IT teams to deploy and configure network devices, ensuring compliance with security policies and best practices.
• Lead initiatives to secure endpoints, enhance network resilience and respond to vulnerabilities or incidents affecting network integrity.


Threat Monitoring and Incident Response-
• Implement and oversee threat monitoring processes using security information and event management (SIEM) systems, integrating data from firewalls, Defender for Cloud and network devices.
• Develop and execute incident response protocols for network, firewall and cloud security incidents, minimizing impact through quick containment, analysis and remediation.
• Perform post-incident analysis and reporting to identify root causes, improve firewall configurations and update security policies as needed.

Compliance and Documentation-

• Ensure firewall, network and cloud security policies comply with relevant regulations and industry standards (e.g. NIST, ISO 27001).
• Maintain documentation for all security configurations, procedures and policies to facilitate audits and enhance knowledge sharing across IT teams.
• Conduct regular security assessments, risk analyses and penetration tests on cloud and on-premises systems to verify compliance and mitigate vulnerabilities.

Service Level Agreements (SLA)-
Monitor production outputs and services to ensure that SLAs and other quality metrics are being met.
Developing SLAs.


Education and Experience -
Bachelor’s degree in IT
Master’s degree is desirable
Advanced certifications such as SANS GIAC/GCIA/GCIH and/or SIEM-specific training and certification
Relevant certifications are an advantage (such as IAM Level I, Security+ CE, CAP, CND, Cloud+, CSLC, CEH, CISM, CISSP, CASP, CCNA-Security)
DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent)

Firewall and Network Security-
Certifications like Checkpoint Certified Security Administrator (CCSA) or Palo Alto Networks Certified Network Security Engineer (PCNSE) show expertise in managing and configuring firewall systems.
Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), which provide a comprehensive understanding of security management practices.


Cloud Security:
Microsoft Certified: Security Operations Analyst Associate or Azure Security Engineer Associate for Microsoft Defender for Cloud and other Azure security components.
Certified Cloud Security Professional (CCSP) or AWS Certified Security – Specialty for more general cloud security expertise.


Network Security:
CompTIA Network+ or Cisco Certified CyberOps Associate for foundational and advanced knowledge in networking security principles and operations.


Competencies
• Firewall Management: Proficiency with firewall technologies and platforms (e.g. Cisco ASA, Palo Alto, Checkpoint) for setting up, configuring and maintaining firewalls on both on-premises and cloud platforms.
• Cloud Security Expertise: In-depth understanding of cloud environments, especially Microsoft Azure, to manage and secure cloud services, implement Defender for Cloud policies and perform risk assessments.
• Networking Knowledge: Strong grasp of network protocols, segmentation, VPNs, IDS/IPS and secure configuration of network devices.
• Security Monitoring and Incident Response: Proficiency in using SIEM tools (e.g. Splunk, Microsoft Sentinel) for monitoring, alerting and responding to cybersecurity incidents across firewall and cloud environments.
• Risk Assessment and Compliance: Ability to assess risk in IT systems and ensure compliance with standards like NIST, ISO 27001 and PCI DSS.


Language Skills
English is compulsory
Arabic or French is preferable
Minimum 4 years of experience

Employment Type

Full Time
