We’re looking for a passionate and motivated Information Security Specialist to join our team. This role is essential to maintaining and enhancing the security of our organization’s data, systems, and infrastructure.
The ideal candidate will have a strong understanding of cybersecurity principles, excellent problem-solving skills, and a proactive approach to identifying and mitigating security risks
Who we are:
At ZenHR, our passion is delighting customers! We are an award-winning, cloud-based HRMS that supports the entire HR value chain, from the “acquire” to the “retire” stage. Our team is made up of young, passionate
people committed to providing cutting-edge technology and constantly researching and implementing new HR trends that cater to employers in the MENA region.
Obstacles don’t faze us; we see them as opportunities. We challenge the status quo and work to improve the HR landscape in our region. If you’re excited to make an impact in the HR world, ZenHR is the place for you!
Our people are the heart of our culture. We’re committed to diversity, and inclusion, and we take pride in ensuring equal employment opportunities for all. Our hiring process is designed to attract and retain A-players from diverse backgrounds to help drive our success.
What we offer:
- Flexible working hours and
- remote/work-from-home option
- Health insurance coverage from day one at ZenHR
- Access to online and in-person Mental Health sessions
- A Zen work atmosphere
- Great culture and amazing people to work with and learn from
The Job – Information Security Specialist
What you'll be doing:
- Conduct regular risk assessments to identify vulnerabilities and potential threats.
- Develop and implement strategies to mitigate identified risks.
- Draft, implement, and maintain security policies, procedures, and guidelines.
- Ensure compliance with relevant security standards and regulations (e.g., SOC 2, ISO 27001, NCA, CST).
- Ensure proper information systems and information processing facilities protection, including defining a list of authorized software and versions needed.
- Ensure proper data and information protection by reviewing classification schemes, defining standards for labeling information assets, and establishing rules for sharing sensitive information.
- Ensure proper vulnerability management activities, including performing regular authenticated vulnerability scans on systems, reviewing vulnerability rankings, and taking corrective actions as necessary.
- Conduct cyber security incident and threat management activities, activating incident response procedures when an incident or threat is detected, and defining management responsibilities and procedures to ensure a quick, effective, and orderly response.
- Develop, maintain, and test business continuity and disaster recovery plans to ensure minimal disruption in case of incidents.
- Ensure proper physical security for sensitive information, including secure disposal of sensitive information on media and systems no longer required, being reused, or sent to a third party for maintenance.
- Conduct other cybersecurity activities as required by relevant regulatory requirements and global standards, such as web application security, third-party cybersecurity, and cloud computing and hosting cybersecurity management.
- Conduct root cause analysis and implement measures to prevent recurrence.
- Educate staff on security policies and best practices and Promote a culture of security awareness across the organization.
- Work closely with other teams to ensure secure system design and implementation.
- Provide guidance and support for security-related queries and issues, including customer queries and security assessments.
- Conduct internal security audits and participate in external audits.
- Prepare reports on security posture and incidents for management review.
- Stay updated on the latest security trends, threats, and technologies. Proactively recommend and implement strategies to strengthen the organization’s security posture.
Who you are:
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- Relevant certifications such as CompTIA Security+, ISO 27001 LI, or CEH are preferred.
- Strong knowledge of security frameworks and best practices.
- Experience with cloud security, particularly on platforms.
- Proficiency in using security tools and technologies.
- Excellent communication and interpersonal skills.
- Ability to work independently and handle multiple priorities effectively.
