# Sr. Specialist, Information Security (Risk)

**Company:** [Egyptian Banks Company](http://jobs.workable.com/companies/hb636HyLHoaMkkdWwnhrYJ.md)
**Location:** New Cairo City, Egypt
**Workplace:** on site
**Employment type:** Full-time

[Apply for this job](http://jobs.workable.com/view/1f23235f-c3a5-4f5e-856f-055fd2cbcdb7)

## Description

-   Reviews security requirements and assesses the security posture of current EBC systems and new projects to identify gaps or improvements based on risk assessments, threat modeling, and technical testing.
-   Participates in the design and initial implementation of new technical scrutiny controls.
-   Handles risk management review, monitoring, and reporting until the risk reaches EBC's risk appetite.
-   Reviews and examines system compliance against present security standards and PCI DSS, PCI PIN Security, 3DS, TSP, ISO 27001, etc.
-   Audits different systems and all technical department operations against security standards and internal policies.
-   Analyzes new application architecture against security standards and best practices and provides security sign-off before live deployment.
-   Assesses the controls of the different cloud platforms used.
-   Performs third-party risk management activities according to the EBC process.
-   Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
-   Inspects for vulnerabilities and risks in hardware and software.
-   Finds out the best way to secure the IT infrastructure of an organization.
-   Reviews contracts from an information security perspective.
-   Handles audit requests, whether internal or external.
-   Carries out other tasks related to compliance activities as requested by management.

## Requirements

-   Bachelor’s Degree in Engineering, Computer Science, Information Security, or a related field.
-   4 years of experience in Information Security, Cybersecurity, Risk Management, or related domains.
-   Experience in information security design and implementation best practices.
-   Participate in the design, implementation, and continuous improvement of information security controls and frameworks.
-   Conduct security risk assessments and provide recommendations for risk mitigation.
-   Support secure software development lifecycle (SSDLC) initiatives and security-by-design practices.
-   Ensure compliance with cybersecurity standards, regulatory requirements, and industry best practices.
-   Review and assess security controls against frameworks such as PCI DSS, PCI PIN Security, PCI 3DS, PCI TSP, ISO 27001, and the Central Bank of Egypt (CBE) Cybersecurity Framework.
-   Collaborate with technical operations teams and business support teams to identify and resolve security risks.
-   Coordinate with external vendors, banks, and third-party stakeholders on security-related matters.
-   Prepare security reports, documentation, and presentations for management and audit purposes.
-   Support security awareness, governance, and compliance activities across the organization.
