Saudi German Hospital · Cairo, Egypt · Posted 2026-04-02
Key Responsibilities

Security Strategy & Governance
Develop, implement, and maintain the organization's information security strategy, policies, and standards aligned with business objectives and regulatory requirements (ISO 27001, NIST, HIPAA).

Risk Management
Identify, assess, and prioritize information security risks. Maintain the risk register and drive remediation plans in collaboration with stakeholders across all business units.

Security Operations Oversight
Oversee day-to-day SOC operations including SIEM monitoring, incident triage, threat intelligence, and EDR management to ensure timely detection and response to threats.

Incident Response & Crisis Management
Lead the response to security incidents, breaches, and crises. Own the Incident Response Plan, conduct post-incident reviews, and drive continuous improvement of detection and response capabilities.

Compliance & Audit
Ensure adherence to applicable laws, regulations, and contractual obligations. Manage internal and external audits, track findings to closure, and maintain compliance evidence documentation.

Vulnerability & Penetration Testing
Define and oversee the vulnerability management lifecycle. Commission and review penetration testing engagements, prioritize remediation, and report on security posture trends to executive leadership.

Security Awareness & Culture
Design and deliver security awareness training programs. Champion a security-first culture across the organization and communicate risk clearly to non-technical audiences.

Team Leadership & Development
Lead, mentor, and develop the security team. Define KPI frameworks, conduct performance reviews, manage workloads, and build talent pipelines to support organizational growth.

Security Architecture & Projects
Provide security guidance on new projects, system designs, and technology adoptions. Collaborate with IT and engineering teams to embed security by design into all initiatives.

Reporting & Executive Communication
Produce regular security dashboards, board-level risk reports, and KPI metrics. Translate complex technical risk into clear business impact narratives for senior leadership.

Bachelor’s degree in Computer Science, Information Security, or related field.
5–10 years of experience in cybersecurity or information security.
Strong knowledge of network security, firewalls, VPNs, IDS/IPS, and SIEM tools.
Experience with security tools (e.g., Splunk, Fortinet, Palo Alto, Cisco Security).
Familiarity with operating systems (Windows, Linux) and cloud security (AWS, Azure are a plus).
Knowledge of security frameworks and standards (ISO 27001, NIST, etc.).
Experience in incident response and threat analysis.
Relevant certifications are a plus (CISSP, CEH, CISM, Security+).
Strong analytical and problem-solving skills.
Good communication skills and ability to work in a team environment.

Preferred Skills
Experience in healthcare or enterprise environments is a plus.
Knowledge of scripting (Python, PowerShell) is an advantage.