Information Security Analyst
Banque Saudi Fransi
Total years of experience :9 years, 9 Months
Perform Source Code review as part of the risk management process.
Implement DevSecOps to secure the CI/CD pipline.
Conduct vulnerability assessment and penetration test on systems, servers, network devices, conduct rule set reviews for the firewalls, routers.
Define minimum security baselines / hardening standards for the various technology components, conduct configuration reviews as per the defined security baselines.
Work with the IT team and guide them in mitigating identified vulnerabilities/risks.
Track and report the status of the identified risks on a periodic basis as per the vulnerability management process.
Automate the vulnerability management process to efficiently perform daily tasks
Perform cyber-threat hunting to proactively identify internal and external risks.
Handle and meet the SAMA, PCI-DSS and internal audit requirements.
Lead investigations of security violations and breaches and recommend solutions, repare reports on intrusions as necessary, and provide an analysis summary for management.
Company-wide technical security Risk Management
Establishing and overseeing the organization's ISA (Information Security Architecture).
Perform Penetration Testing, vulnerability analysis, code review (maintain secure coding standards).
Write unit tests, security testing, benchmarking of REST APIs
Compliance of the requirements for mobile and web applications with IT security
FYP : GIS