Information Security Auditor | Zain - Sudan

JOB GROUP: Strategy & Business Development
LOCATION: Khartoum - Sudan
CLOSING DATE: 08-Nov-2016

You will be accountable for the Information Security Manager   for all Information Security audit within the Zain .  Owning the information security   audit process, implementation, monitoring and support of Information Security policies and procedures. While effectively carry out periodic audits, incident and change management, reviews, evaluation of security technology and products.
Also as Information Security Auditor you will be responsible  for  keeping  the Management updated with various information security initiatives, risks, incidents, violations etc. Contribute substantially towards the objective of ISO27001 certification

  • If you hold this position your main tasks and duties will be :
  • Responsible for protecting the confidentiality, integrity and availability of Zain  - Sudan information assets. Securing all information system resources from accidental or unauthorized modification, destruction or disclosure
  • Conduct risk assessment; propose mitigation and remediation strategies with cost-benefit analyses, and alternatives. Conduct audits, system reviews and vulnerability scans. Use a combination of automated tools, manual methods, and interviewing techniques to gather the information necessary to report on security risks. Author written reports summarizing findings and recommendations.
  • Participate in the incident response team in a hands-on, technical role. Identify the root cause of security incidents. Recommend and implement solutions for limiting the scope of the incident. Eradicate any signs of intrusion. Work with senior management to recommend and implement additional controls to prevent future incidents.
  • Conduct security reviews on Information security projects. Attend meetings and review documentation as needed in order to identify security requirements for new and ongoing Information security projects. Design security solutions for new systems and applications.
  • Monitor the announcements of new security vulnerabilities. Identify vulnerabilities that are applicable to Zain Sudan systems and applications, determine their severity and urgency, work with system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
  • Help organization staff identify and correct poorly implemented security controls.
  • Provide security training to audiences from management to field staff as appropriate
  • Manage relationships and agreements with contractors, suppliers and partners
  • Ensure self-development in information security best practices, methodologies, technologies and products to provide accurate input into the corporate business systems decision making process.
  • Ensure compliance of process with all applicable laws, security best practices and Zain Sudan policies related to information security.
  • Develop contingency plans and ensure they are put into place and regularly reviewed/updated to mitigate risks/issues as the Zain Sudan customer base grows and the business expands.

What Do I Need
You will be required to have:
  •  B.Sc . in Computer Engineering /  Science or information technology with  minimum years of  experience in same or  related role.
  • Experience in design, implementation and audit of BS7799/ISO27001 based ISMS,
  • ISO27001 lead auditor / lead implementer course/ certificate .
  • Any one of the following certifications : CISSP / CISA / CISM is preferred.
  • To develop, interpret and apply best practice methods/processes .
  • Writing documentation, giving presentations and teaching workshop.

Those Soft Skills
  • Highly developed communication and reporting skills (verbal and written) in both Arabic and English .
  • Excellent planning and organization skills.
  • Conflict handling and resolution skills .
  • Analytical thinking & problem solving skills .
  • Tenacity, Resilience and Self Management.
  • Strong interpersonal skills.
  • Ability to prioritize work.
  • Highly developed skills in use of relevant IT packages including Excel, Access, Word, PowerPoint etc.

يمكنك متابعة المزيد من الإعلانات عبر: