1. Recommend changes to policies and procedures based on changes to regulations, standards or best practices ensuring that any security mandates are adequately implemented and reported such as ISO, PCI, SWIFT, CBE regulations, and other applicable standards.
2. Recommend and coordinate with the Security Operations Center for the security compliance monitoring requirements as needed such as File Integrity Monitoring, Database Activity Monitoring and others.
3. Ensure maintenance of all needed documentation supporting security compliance requirements, and audit issues for ongoing tracking and documentation.
4. Participate in Secure Development and Acquisition life cycle process to assess and identify areas of concern from security compliance perspective in line with regulations, standards and best practices.
5. Collaborate efforts with the Information Security Analysis Team to provide input to the security risk assessments and risk register, which will ensure all security compliance requirements are being considered and catered for.
6. Review and ensure the semi-annual firewall reviews are conducted to ensure compliance with PCI, Swift standards and the developed security policies.
7. Develop the necessary compliance use cases to support the different security controls and compliance requirements and communicate violations to the relevant teams.
8. Ensure the standard operating procedures (SOP) are maintained for the different compliance processes and ensure proper adherence to the set SLA.
9. Maintain annual compliance with the Information Security Management System - ISO 27001 standard on the certified scope.
10. Liaise with the different IT Teams to develop standard configuration and baselines for IT Infrastructure and Platforms aligned with industry best practices and standards.
11. Conduct periodic reviews against the approved baselines and ensure closure of all identified gaps.
Qualifications & Experience
o ISO 27001:2013 Lead Auditor
o CISSP
o Certified PCI-DSS Professional
o EC Council – CEH
Skills
Commercial International Bank was established in 1975 as a joint venture between the National Bank of Egypt (NBE, 51%) and the Chase Manhattan Bank (49%) under the name "Chase National Bank of Egypt”. Following Chase's decision to divest its equity stake in 1987, NBE increased its shareholding to 99.9%, changing the Bank’s name to Commercial International Bank (Egypt) S.A.E. NBE’s stake gradually decreased through several public offerings till reaching 18.7%. In 2006, a Consortium led by Ripplewood Holdings acquired NBE stake. In July 2009, Actis, a leading emerging markets private equity firm, invested US$ 244 million to get shares in CIB, acquiring hence 50% of the Ripplewood Holdings Consortium’s stake. Five months later, Ripplewood sold its remaining 4.7% stake over the open market, marking the successful transition of strategic partnership to be with Actis, who then became CIB’s largest shareholder with a 9.1% stake. In March 2014,Actis sold a portion of its holding, representing 2.6% of the Bank’s total outstanding shares, in the open market to a group of international investors. In May 2014, Actis, successfully realised its investment in CIB and sold its remaining 6.5% to Subsidiaries wholly owned by Fairfax Financial Holdings Ltd “Fairfax”.
CIB is Egypt’s leading private sector bank, offering a broad range of financial products and services to its customers, including enterprises of all sizes, institutions, households and high-net worth individuals. CIB strives to provide superior financial solutions to meet all customers’ needs. Having the strongest brand equity rightfully places CIB as the bank of choice for over 500 of Egypt’s largest corporations. CIB shows tremendous potential within the bourgeoning Retail and SME Banking markets. Through its superior management, high-operating standards, corporate governance best practices and training programs,CIB has succeeded in becoming the most profitable commercial bank operating in Egypt for more than 40 years.
