Who we are?
- onebank was established in 2020 as the company responsible for launching the 1st digital native bank in Egypt. The digital bank aims to create innovative solutions tailored to serve the needs of the banking customers in Egypt.
- Our main goal is to create a positive customer experience through the differentiated journey that our customers live while using the digital bank.
- Our Drive: We use our drive and commitment to energize, engage and inspire others, upholding the highest standards of work ethic, honesty and morality.

JOB PURPOSE
Ensuring that the organization adheres to information security laws, regulations, and industry standards, including ISO27001 & PCI-DSS compliance & certifications.

MINIMUM QUALIFICATIONS/EDUCATION/EXPERIENCE
- Bachelor's degree in information technology, computer science, or a related field.
- Certifications:
  - ISO27001 LA or ISO 27001 LI
  - GRCP
  - IPMP
- 5+ years of experience in Information technology (IT) and Information security.
- Experience in ISO-27001.
- CBE CSF

JOB DUTIES AND RESPONSIBILITIES
- Assist in reviewing contracts, agreements, and vendor engagements to verify the inclusion of required information security clauses, compliance obligations, and risk mitigation requirements in line with approved policies and standards.
- Support the assessment of contractual adherence to information security policies, regulatory requirements, and applicable industry standards to help minimize security and compliance risks.
- Support the implementation and tracking of approved information security KPIs to measure the effectiveness of security initiatives and alignment with business objectives and security goals.
- Perform periodic reviews of KPI relevance and effectiveness, recommend adjustments based on evolving threats, regulatory expectations, and business needs, and escalate findings to management.
- Track KPI performance on an ongoing basis, identify deviations or trends, and support timely reporting and escalation to ensure corrective actions are initiated when required.
- Assist in the day-to-day maintenance and operation of the Information Security Management System (ISMS) in alignment with ISO/IEC 27001 requirements and approved governance frameworks.
- Coordinate the maintenance, communication, and awareness of information security policies and procedures, ensuring relevant personnel are informed and trained in accordance with management-approved requirements.
- Support the annual review of the ISMS program, including policies, procedures, and security baselines, and assist in tracking updates, approvals, and implementation actions.
- Participate in reviews of information security requirements for new products, services, and initiatives, and provide guidance to stakeholders in alignment with approved security standards and governance principles.
- Collaborate with Information Security functions to define security prerequisites for new projects.
- Manage audit engagements, review findings, and ensure timely implementation of remediation actions.
- Review and validate bank policies, SOPs, and Terms & Conditions to ensure alignment with Information Security policies, regulatory requirements, and industry best practices.
- Act as the Secretariat for the IT & Security Committee, including coordinating meeting logistics, preparing agendas, drafting minutes of meetings (MoM), and monitoring the implementation of agreed action items.