Job Description
To ensure and support Information security operations and protect ENEC’s internal systems and coordinate between the various ENEC functions. Moreover to ensure that security controls are maintained and under compliance of the existing Information Security Standards applied within ENEC.
Activity: Information Security
Responsibility:
Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations;
Provides authoritative advice and guidance on security strategies to manage the identified risk.
Investigates major breaches of security, and recommends appropriate control improvements.
Interprets security policy and contributes to development of standards and guidelines that comply with this
Performs risk assessment, business impact analysis and accreditation for all major information systems within the organization.
Ensures proportionate response to vulnerability information, including appropriate use of forensics.
Activity: Information Assurance

Responsibility:
Provides authoritative advice and guidance on Information assurance architecture and strategies to manage identified risk.
Familiar with major legislation relevant to security of information.
Interprets security and assurance policies and contributes to development of standards and guidelines that comply with these.
Uses testing to support information assurance.
Activity: Availability management
Responsibility:
Provides advice, assistance and leadership associated with the planning, design and improvement of service and component availability, including the investigation of all breaches of availability targets and service non-availability, with the instigation of remedial activities.
Plans arrangements for disaster recovery together with supporting processes and manages the testing of such plans.
Activity: Asset Management

Responsibility:
Controls IT assets in one or more significant areas, ensuring that administration of the acquisition, storage, distribution, movement and disposal of assets is carried out.
Produces and analyses registers and histories of authorized assets (including secure master copies of software, documentation, data, licenses and agreements for supply, warranty and maintenance), and verifies that all these assets are in a known state and location.
Ensures that there are no unauthorized assets such as unlicensed copies of software.
Activity: Security and Administration

Responsibility:
Drafts and maintains the policy, standards, procedures and documentation for security.
Monitors the application and compliance of security operations procedures and reviews information systems for actual or potential breaches in security.
Ensures that all identified breaches in security are promptly and thoroughly investigated.
Ensures that any system changes required to maintain security are implemented.
Ensures that security records are accurate and complete.
Security management (including network security, identity management, security events and incidents)
To conduct security researches to keep abreast of latest security issues and ensure that ICT is briefed accordingly.
To participate in the planning and the implementation of all computing and network infrastructure projects (i.e. upgrades, enhancements, etc.) to ensure compliance with the IT Security architecture.
Activity: Continuity management

Responsibility:
Owns the service continuity planning process and leads the implementation of resulting plans.
Coordinates the identification by specialists across the organization of information and communication systems which support the critical business processes, and the assessment of risks to the availability, integrity, and confidentiality of those systems.
Evaluates the critical risks associated with these systems and identifies priority areas for improvement.
Coordinates the planning, designing, testing of maintenance procedures and contingency plans to address exposure to risk and ensure that agreed levels of continuity are maintained.
Activity: HSE

Responsibility:
Ensure compliance to all relevant health, safety and environmental management policies, procedures and controls across the Division/Department/Section by delivery of the HSE Management Program to guarantee employee safety, legislative compliance, delivery of high quality service and a responsible environmental attitude
Skills
B.S. in Information Security or Computer Science /IT Major
6+ years of experience in network monitoring and security utilities
Developing and implementing frameworks that bring together IT services and security and availability needs
Designing and delivering solutions that
deliver highly secure and available IT services in line with business requirements
Developing and monitoring compliance with IT practices and procedures
ISO 27001 Implementation
Professional Certifications
CISSP, CCNP, Networking or System/OS Certificates, ITIL Foundation, ISO27001 Lead Implementer
Additional Skills
Cyber Security Incident handling
Managing SOC team
Vulnerability assessment
Privileged Access Management & Identity Management
Pulse Secure VPN
Information Security Management System
Cloud Security (Azure, AWS, GCP)
Infrastructure Security Solutions Well versed with frameworks NIST, ISO, SANS
Network, Email, Web & Endpoint Security
Business Continuity & Disaster recovery
Hybrid Cloud / SIEM Solutions
Cloud Security & Cloud Maturity
Web Application Security
Mobile Application Management
Endpoint Security and Data loss Prevention
Education
Information Technology

Click here to Apply Online