Description
At OSN we believe that every good story is a unifying tool with the power to heal, connect, and inspire everyone regardless of age, gender, language, or nationality. For over 2 decades we have been in the business of showcasing these incredible stories from around the world, curated for our viewers here in MENA. We intend, through our services, our innovation, and our commitment to superior content, to bring the most powerful experiences to every screen.
OSN is the MENA region’s leading entertainment company for premium content services serving 26 countries. Our subscribers across both OSN+ (streaming) and OSN channels enjoy curated series, films, and documentaries across genres and languages focusing on Western, Arabic, Turkish, and more. Our purpose is and always will be to elevate the boundaries of great content in MENA, and that’s why our people are the most vital part of our success. We believe that having the right team is how we can be successful at everything we do now and in the future.
Job Purpose
The Senior Cyber Security Specialist is required to monitor, maintain and manage the cyber security incident management process for both on premise and cloud infrastructure. This role will be required to proactively protect OSN’s information systems and applications from internal and external threats and vulnerabilities. The Senior Cyber Security Specialist is to act as technical SPOC and drive the technology teams as a cyber security subject matter expert for all organizational cyber security technical requirements and controls.
Key Accountabilities
Planning & Organisation
- Manage and maintain the complete cyber security Incident management process for all IT infrastructure.
- Technology administration of security monitoring solutions like SIEM, DLP, WAF, PAM, Microsoft Defender XDR, Vulnerability scanners etc.
- Expert threat hunting using ATP and related tools.
- Always ensure the enforcement and maintenance of security control baselines defined.
- Manage and maintain the security controls on both AWS, Azure and Office 365.
- Conduct periodic internal and external vulnerability assessments, plan and Implement mitigations for the vulnerabilities identified.
- Act as SPOC for the administration of application Security controls and requirements.
- Develop and maintain procedures and baselines for the cyber security operations and related solutions.
- Must be the subject matter expert in Cyber security, Cloud and Application security domains. The job role involves liaising with various departments within OSN.
People Excellence (internal/external customer engagement and relationship management)
- To create an environment which is a great place to work for you and your colleagues through your dedication, enthusiasm, sharing of knowledge, honesty and desire to support others.
- To display excellent standards in all you do and inspire others to do the same, and that you operate within legislative/regulatory and company policies and procedures.
- To display confidence, self-belief and openness to new ideas, adapting and embracing challenges and opportunities with a determination to excel.
- Continuously develop own skills by attending all required training courses and maintaining an up-to-date knowledge of products, services, systems and work processes.
Qualifications, experience, knowledge and skills requirements
Education requirement:
- Bachelor’s degree in related field
Experience required:
- 4+ years of Cyber Security related experience.
- In depth technical hands-on security management of cloud platforms.
- Hands-on experience on application security and threat hunting.
- Hands-on experience in cloud security solutions both Azure and AWS.
- In depth technical expertise in application security and OWASP 10 and their mitigation.
- CISSP certified.
- Any other certifications like – CISM/ CISA /GMON/ GCIH will be added advantage.
Knowledge & Skills
- Expert knowledge in SIEM, DLP, WAF, PAM, Microsoft Defender XDR, NAC, DLP and ATP solutions with working knowledge on enterprise network.
- Good exposure to advanced threat hunting techniques.
- Knowledge on PCI DSS standard and information security standards will be added advantage.
- Task achiever with minimal supervision.
