Security Analyst

What we do:

GMG is a global well-being company retailing, distributing and manufacturing a portfolio of leading international and home-grown brands across sport, everyday goods, health and beauty, properties and logistics sectors. Under the ownership and management of the Baker family for over 45 years, GMG is a valued partner of choice for the world's most successful and respected brands in the well-being sector. Working across the Middle East, North Africa, and Asia, GMG has introduced more than 120 brands across 12 countries. These include notable home-grown brands such as Sun & Sand Sports, Dropkick, Supercare Pharmacy, Farm Fresh, Klassic, and international brands like Nike, Columbia, Converse, Timberland, Vans, Mama Sita's, and McCain.

What will you do:

The scope of this position focuses on the Cybersecurity Oversight, Delivery, Analysis and Incident Management. Additional activities include supporting Strategic and Technical Initiatives, performing Operational Risk Assessments, Managing Risk Acceptance Activities, developing Annual Risk Posture and Remediation Recommendation Report, and Completion Verification Reviews of Security Projects and Initiatives. Candidates should have ability to infuse Innovation and Creativity into Tactical Activity with a focus on exceptional customer service.

Responsibilities:

Day-to-day coordination and collaboration with a wide array of IT Groups,

Communication to Business Units, companywide discussion

Alliance with Audit Teams and management reporting.

Adherence to Policies/Procedures

Perform security monitoring and analysis of security events.

Analyze suppliers work and its closures.

Assist with incident response and investigation activities

Participate in the agile process to incrementally drive improvement of core security controls

Monitor, manage and tune core security controls

Develop and deliver required metrics and reports

Develop process and procedure documentation for core security controls

Technical Competencies:

o CISSP, CCSK, CEH, ISO 27001 LI;

o Information Security professional, specialized in IT Security risk management

o ISMS implementations, Awareness Trainings (seminar/ LMS)

o Cyber Liability programs, IT Security policies/ assurance controls

o DR planning, Phishing program,

o SOC management and having vast amount of cyber security expertise

o Cloud technology platforms

o PAM, IAM, NAC, IDP/ADFS/Cloud SSO,

o WAF, DLP, SIEM, MDM/MAM,

o email security, O365, Azure Security, SASE

o Data classification, XDR, MDR etc

Qualifications & Experience:

5-8 years of progressive experience in Information Technology

3-5 years of progressive information security experience across information technology risk management domains

Understanding of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries.

Bachelors Degree in Computer Science, Engineering or related field or equivalent work experience required

Product Certifications on Security