Information Security Researcher Kashef

  • Full Time

  • Tehran

      -   Tehran

Information Security Researcher

Posted Long ago

Job Description

The Role Main responsibilities: • To research in information security, risk trends and threat landscape to understand capabilities of required Banking/Payment systems or networks. • To research and evaluate, as much possible as available security frameworks and standards to satisfy requirements of banking and electronic payment sector. • To collaborate with stakeholders to identify and/or develop appropriate security architectures and solutions. • To assess, design and process issues throughout the banking/payment product design, development, and post launch phases. • To define and document how the implementation of a new systems or new interfaces between systems may impacts the security posture of the current environment of the banking/payment sector. • Document an enterprise information security risk profile, prioritizing and managing risks throughout the system development life cycle and develop a security risk management Program. • To perform security reviews, identify and analyze gaps in security architecture and solutions.

Requirements

General Status: • At least two years of relevant work experience • 35 years old at most • Full Time Attendance • Familiarity with the concepts of banking and electronic payment • English language Fluency (Intermediate and upper) • Good communication and presentation skills and teamwork ability • Ability to self-organize, self-diagnose and self-motivate • Strong documentation skills • Ability to work to deadlines, under pressure and the willingness to put extra hours in, when needed. Specific status: • Graduate in the information and communication technology engineering or management. • Familiar with Information security principles and concepts, such as: Access Control, Network Security and Communications, Security Risk Management, Conducting Information Security, Secure system Development, Encryption, Security Architecture Design, Security Incident Response, Threat and Vulnerability Management, Business Continuity Planning. • Familiar with Information security standards and best practices. • Familiar with Payment Ecosystem includes: Roles and responsibilities of the key players, Technologies, Requirements and Standards such as PCI DSS and EMV Standards. • Familiar with the principles and scientific methods of research and decision-making. • Familiar with Information resources, organizations and academic institutions active in the field of Cyber Security. • Mastering the Principles of drafting the scientific and literary reports. • Knowledge of the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise IT and security architecture (e.g. TOGAF, DODAF, SABSA).