Sr. Specialist, Information Security (Risk)

Reviews security requirements and assesses the security posture of current EBC systems and new projects to identify gaps or improvements based on risk assessments, threat modeling, and technical testing.Participates in design and initial implementation of new technical scrutiny controls.Handles risk management review, monitoring and reporting till it reaches to EBC risk appetite.Reviews and examines systems compliance against present security standards and the PCI DSS, PCI PIN Security, 3DS, TSP, ISO27001, etc.Audits different systems and all technical department operations against security standards and internal policies. Analyzes new application architecture against the security standards and best practice and provide security sign-off before live deployment.Asses the controls of different cloud platform used. Perform third party risk management activities according to EBC process.Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.Inspects for vulnerabilities and risks in hardware and software.Finds out the best way to secure the IT infrastructure of an organization.Review contracts from Information Security perspective.Handles audit requests whether internal or external.Carries out other tasks related to compliance activities as requested by management. RequirementsBachelor's Degree in Engineering, Computer Science, Information Security, or a related field.4 years of experience in Information Security, Cybersecurity, Risk Management, or related domains.Experience in information security design and implementation best practices.Participate in the design, implementation, and continuous improvement of information security controls and frameworks.Conduct security risk assessments and provide recommendations for risk mitigation.Support secure software development lifecycle (SSDLC) initiatives and security-by-design practices.Ensure compliance with cybersecurity standards, regulatory requirements, and industry best practices.Review and assess security controls against frameworks such as PCI DSS, PCI PIN Security, PCI 3DS, PCI TSP, ISO 27001, and the Central Bank of Egypt (CBE) Cybersecurity Framework.Collaborate with technical operations teams and business support teams to identify and resolve security risks.Coordinate with external vendors, banks, and third-party stakeholders on security-related matters.Prepare security reports, documentation, and presentations for management and audit purposes.Support security awareness, governance, and compliance activities across the organization.