|Senior Associate-Information Security
Al Etihad Payments empowers employees to work in an environment that best promotes their productivity and well-being, while providing high-quality workplace and fantastic professional experience
.
|Get to Know
UsAl Etihad Payments is the UAE’s designated retail payments entity, dedicated to developing and operating world-class infrastructure, standards, and solutions for the UAE Economy. Al Etihad Payments is a subsidiary of the Central Bank of the UAE, strongly supported by the UAE Governmen
t.
Our employees are committed to work with licensed financial institutions and other payment service providers to foster innovation and deliver excellent financial services to all in the UAE, efficiently and without fricti
on.
Al Etihad Payments supports the government’s objectives of a cashless society, national digitization, and the Central Bank of the UAE objective of being a top ten central bank globa
lly.
|Our Cu
ltureWe are a collaborative, diverse and passionate group of individuals that works as one team. We support one another, make impactful contributions to the organization, and develop and nurture meaningful connections across the payment's ecosy
stem!
|About th
e roleThis role will be crucial in safeguarding our organization's information systems and data assets against cyber threats through understating AEP’s risk profile and proactively manage security operations centre. The ideal candidate will possess a strong background in information security, risk profiling, threat hunting, SOC management, threat intelligence, attack surface management and basic fore
nsics.
|What Yo
- u’ll DoLead the security operations center, ensure the maximum visibility to security events in the AEP by digesting logs from all system and infrastructure assets in AEP, and building the require correlation rules to trigger the required
- alerts.Integrate the required threat intelligence solutions to SIEM platform for detection suspicious
- events.Properly define AEPs attack surface and attack vectors for proper events detection and identification inline of vulnerabilities iden
- tified.Command information security incident response when incident declared and ensure secure services, data and system assets re
- covery.Conduct risk profiling and threat h
- unting.Build security orchestration platform and automate the responses for events according to industry best pra
- ctices.Conduct basis security forensic and engaged the Security Forensics Vendors as re
- quired.Run security controls validation platforms to ensure all the controls are functional all the
- times.Run the vulnerability assessment platforms to identify the technical and configuration vulnerabilities, and communicate them to the relevant stakeh
- olders.Collaborate with IT and business teams to implement security best security monitoring practices and solutions as
- needed.Evaluate and recommend security products and se
- rvices.Prepare information security reports and dashboards as
- needed.Other tasks assigned by the line m
anager. People and Vendor Mana
- gement:Oversee vendors and service providers staff to ensure the expected delivery objectives are a
- rchivedSupport in the development of AEP wide information security monitoring and threat man
- agementBuild formal relationship with internal stakeholders, 3rd parties and
vendors
| QUALIFICATIONS AND EXP
ERIENCE A minimum of 10 years of information technology experience, including at least 5 years’ experience in managing information security in large payments organ
izationsExp
- erience:Knowledge of international information security standards and frameworks like ISO27000 and
- PCI-DSS.Experience with risk management, vulnerability assessments, contract/vendor negotiations, and incident man
- agement.Strong understanding of security monitoring and response technologies like SIEM, SOAR, TIP
- and ASM.Strong understanding of cybersecurity controls with a focus on network security like firewalls, proxy servers, email gateways, WAF, etc and endpoint protection like AV and EDR, and vulnerability man
- agement.Experience with security assessment tools and techniques, and fair knowledge of Mitre ATT&CK Fr
- amework.Preferable previous experience in the payments industry, preferably related to instant payment services and/or domestic card
- scheme.Commitment to maintaining confidentiality and integrity of inf
ormationEd
- ucation:Engineering/Technology graduate or equivalent qualification from a recognized University/ Institution preferably in Information Technology or Security
- domains.Relevant certifications (e.g., CISSP, CISM, CompTIA Security+) pr
eferred.
|Technical and Behavior
- al SkillsBe a confident communicator and presenter with excellent verbal and written communicatio
- n skills.Excellent analytical and problem-solvin
- g skills.Be proactive, reliable, responsible, and accurate with an attention t
- o detail.Ability to work effectively both independently and as part
- of a teamBe capable to build relationships with vendors and third-party service provides to facilitate the accomplishment of busin
- ess goalsAble to think logically, to enable problems to be solved through planning and the use of appropriate rules of
- reasoningProfessional fluency in written and spoken English a
nd Arabic
|What you can expe
- ct from usModern work environment with level of fl
- exibility.Dynamic and motivated team of colleagues working towards achieving UAE National O
- bjectives.Competitive compensation package, including annual bonus and additional benefits like child educational allowance and annual flight tickets (where
- eligible);Comprehensive health insurance
coverage.
