**ES GRC & Architecture Expert.Enterprise Security**
**-**
**(**
**220002AY**
**)**

**Description**

**Job Purpose**
- Participate in establishing Enterprise Security Strategy for Etisalat Misr and Managing the Etisalat Misr Enterprise Security Governance, Risk & Compliance activities to ensure they are keeping track of Etisalat Misr Security Risk and -Enterprise Security Posture and enhance our security controls. -Focus Digital and payment solutions compliance and security architecture and analysis. Study regulations, laws, standards and conduct gap assessment. Drive plans to close the gap. -ES GRC & Architecture Expert day to day tasks including security assessments for new projects and services, risk assessments, perform security audits, support in activities required for external and internal audits while dealing with auditors. Plan for the Compliance calendar.

**Report To Position Name**

Security Strategies Ensure the security strategy aligned along with Enterprise and business strategy Assist in designing the Security solutions to protect IT telecom, ISP System along Ensure new projects/services will not be impacted by security risks or accepted by business especially QR related projects. Bridge gap between business and technical in describing risks and impact, to assist business in taking correct decision concerning the risk mitigations Participate/lead in Developing and implement enterprise information security architecture practices & service design Helping project teams comply with enterprise security policies, industry regulations, and best practices. Cooperate in performing regular audits objectives and practices to ensure security posture of the organization. Study the industry best practices and come up with recommendation for implementation when it comes to digital and Payment solutions. Study regulation and perform gap analysis. Drive plan for gap closure Security Risk Managements: Maintain and operate risk management frameworks and program. Communicate risk assessment findings and help system custodians to tackle the risk and decide proper risk mitigation strategy Keep track of identified risks and make periodic analysis to revaluate the risk and action Analyze risks and share them with system owner and management along with possible mitigation if available for better management decision Assist Technology and Control through risk assessment cycle to ensure proper effectiveness Bridge gap between business and technical in describing risks and impact, to assist business in taking correct decision concerning the risk mitigations Conducts impact analysis to ensure resources are adequately protected with proper security measures Support in risk assessments, perform analysis for the effectiveness of information security control activities and recommend enhancements Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures Stay up to date with the recent risks and threat trends and recommend controls and mitigations to minimize their risks Security Governance: Support in maintaining security standards, IS policies and procedures. Support in Security Awareness Program for Etisalat Misr. Support in Security awareness campaigns and develop required campaigns to be communicated to the employees Perform measurement and analysis on the Enterprise Security Controls and Information Security Performance and effectiveness Assist in decision of security controls selection with the security committee Assist in ensuring the best practices and policies are applied to the new/existing security controls Interact with internal & external departments & regulatory entities to collect regulatory or requests and provide Enterprise Security requirements to other entities. Security Architecture: Conduct regular and ad-hoc security reviews. Assist in designing the Security solutions to protect IT telecom, ISP System along Review new projects and ensure that current risk will not impact or be re-evaluated by these new projects. Participate in Developing and implement enterprise information security architecture practices & service design Reviewing Demand Requests and New Project Impacting Etisalat Security Special Focus for digital and Payment solution security architecutre Security Compliance & Audit: Audit and Enforce IS Polices & security standards (MBSS). Ensure implementation of security policies, controls and their compliance and escalate critical security events, if necessary Develop, maintain Audit Security Configuration Standard. Centralize and track the audit findings and ensure to re-audit in timely manner and escalate in case of delayes Conduct regular and ad-hoc Security Audits Follow the Audit and Compliance Calendar timeline Ensure the maintenance and continuous of Etisalat Misr Compliance programs Keep update of the compliance standards and their changes and the cause of change Consolidate the Compliance effort and establi