Mashreq logo
Mashreq

We are Mashreq - Inspiring you to Rise Every Day

Senior Manager, Cyber Org Alignment & Compliance – Information Security Program

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 1,001-5,000Since 1967H1B No SponsorCompany SiteLinkedIn

Location

India

Posted

2 days ago

Salary

0

Seniority

Senior

Postgraduate Degree10 yrs expEnglish

Job Description

Senior Manager, Cyber Org Alignment & Compliance – Information Security Program

Mashreq

• Ensure compliance with policies, regulatory requirements, and industry standards • Identify, assess, and manage information security risks • Develop and maintain a comprehensive process for managing policy exceptions • Perform risk assessments for proposed policy exceptions • Coordinate and ensure regular risk control self-assessments across various business units • Compile and analyze assessment results and prepare reports • Maintain accurate and timely reporting of offshoring activities • Develop and maintain a comprehensive service catalog for ISG • Oversee the implementation and management of information security compliance across the bank • Be the owner of the bank’s GRC platform for ISG

Job Requirements

  • 10+ years of experience in a Banking environment
  • 3+ years of experience in information security
  • Familiarity with information security technologies
  • Risk, threat and vulnerability assessments experience
  • Experience with governance, risk management, and compliance frameworks
  • Hold professional certifications (e.g., CISA, CISM, CISSP, CRISC)

Benefits

  • Flexible working hours
  • Professional development opportunities

Related Categories

Related Job Pages

More Security Engineer Jobs

SixGen, Inc. logo

Security Fusion Center Manager

SixGen, Inc.

SIXGEN’s mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.

Full TimeRemoteTeam 51-200

Role Description The Security Fusion Center (SFC) Manager is responsible for leading the strategy, governance, and operational maturity of an enterprise Security Fusion Center. This role serves as the primary architect and coordinator for an intelligence-driven cybersecurity program that integrates: - Threat intelligence - Threat hunting - Incident response - Security engineering - Insider threat - Continuous monitoring - Attack surface management The ideal candidate possesses extensive experience developing and managing enterprise cybersecurity programs, establishing governance frameworks, and driving cross-functional collaboration among cybersecurity operations, engineering, and executive leadership. This individual will lead the development of Security Fusion Center strategy, operational processes, performance metrics, and implementation roadmaps while continuously improving the organization's ability to identify, detect, respond to, and mitigate cyber threats. Qualifications - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Assurance, or a related field. - 6+ years of experience in cybersecurity operations, cyber defense, or enterprise security program management. - Demonstrated experience developing or managing a Security Operations Center (SOC), Security Fusion Center (SFC), Cyber Fusion Center, or equivalent enterprise cybersecurity program. - Experience leading cross-functional cybersecurity initiatives involving multiple operational teams. - Strong understanding of: - Threat Intelligence - Advanced Threat Hunting - Incident Response - Continuous Monitoring - Security Engineering - Insider Threat Programs - Attack Surface Management - Experience developing governance documentation, operational procedures, playbooks, and Concepts of Operations (CONOPS). - Experience developing cybersecurity strategies, roadmaps, implementation plans, and executive-level reporting. - Strong knowledge of cybersecurity frameworks including the NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF), and MITRE ATT&CK. - Excellent communication, leadership, and stakeholder engagement skills. Requirements - CISSP (Certified Information Systems Security Professional) - GIAC Certified Incident Handler (GCIH) - GIAC Cyber Threat Intelligence (GCTI) - Certified Information Security Manager (CISM) - Project Management Professional (PMP) - Experience supporting federal government cybersecurity programs. - Experience implementing enterprise SIEM, SOAR, XDR, EDR, threat intelligence platforms, or security analytics solutions. - Familiarity with Zero Trust Architecture and enterprise cyber modernization initiatives. Benefits - Competitive salary - Employer-paid health insurance premiums (medical, dental, vision) - Employer-paid short/long term disability insurance and basic life/AD&D insurance - 401K with a 4% employer contribution - Professional development reimbursement options available (training, certification, education, etc) - Flexible and remote work policies for most positions - Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually - 11 paid holidays per calendar year - The anticipated salary range for this role is $100,000 - $155,000 per year, depending on experience and qualifications.

United States
$100K - $155K / year

Title: Help Desk - Security Analyst Location: Winchester, Virginia Job Description: Employment: Full-time, W-2 employee of our Winchester, Virginia-based client Location: Winchester, VA. On-site at the CPA firm (160 Exeter Drive) 2–3 days per week — closer to 3. Remote the remainder. Reports to: The security team of our Winchester, Virginia-based client; coordinates day-to-day with the CPA firm's IT and security leadership Compensation: Base salary $62,000–$67,000, commensurate with experience About the engagement We are recruiting on behalf of our Winchester, Virginia-based client for a hybrid Help Desk + Security Analyst role embedded inside their anchor CPA firm engagement. Time splits roughly 50/50: half supplementing the CPA firm's internal help desk, half working as a security analyst inside the security program our client manages on the firm's behalf. The hire is our client's hands-on presence in the CPA firm's office. This is a strong seat for someone who wants to grow into deeper security work without giving up the IT generalist skills that keep them sharp and useful. Responsibilities Help Desk (~50%) - Tier 1 / Tier 2 end-user support: workstations, accounts, productivity software, common application issues - Microsoft 365 administration (Exchange Online, Teams, SharePoint, Entra ID basics) - Hardware support, imaging, and provisioning alongside the CPA firm's IT team - Ticket queue ownership and triage Security (~50%) - Vulnerability management: scan operations, finding triage, remediation tracking with IT and end users - Phishing simulation campaigns: planning, deployment, reporting, follow-up training - Security ticket triage and investigation (EDR alerts, email security, identity) - Incident response support under the senior leadership of our Winchester, Virginia-based client - Routine hygiene: access reviews, configuration checks, hardening tasks Required Experience - 2–4+ years across IT support / help desk / junior SOC or security analyst work (any combination) - Strong Microsoft 365, Azure, and Windows endpoint fundamentals - Familiarity with vulnerability scanning workflows — not an expert, but knows what a CVSS score is and how to drive a fix - Solid customer service instincts: patient, professional, willing to help - Lives within reliable commuting distance of Winchester, VA, and can be on-site 2–3 days per week Preferred Experience - Security+, Network+, or equivalent certifications - Experience with EDR platforms (Microsoft Defender, SentinelOne) - Prior exposure to phishing simulation tools (KnowBe4, etc.) - Curiosity about offensive security — there is real room to grow toward pentest and red-team adjacent work over time Compensation - Base salary $62,000–$67,000, commensurate with experience - Full benefits: medical, dental, vision, and 401(k) with employer match - Paid time off and supported professional development

Virginia
$62K - $67K / year
Full TimeRemoteTeam 201-500H1B No Sponsor

• Develop and execute a territory plan for UAE enterprise and strategic accounts; map white space, key stakeholders, and buying centers. • Build and manage a healthy pipeline aligned to quarterly and annual targets; create multi-threaded executive relationships. • Lead complex sales cycles for professional and managed services (e.g., advisory/assessments, implementation, managed XDR/SIEM, cloud & identity security). • Run discovery, solution shaping, value articulation, and ROI/TCO narratives with senior client stakeholders. • Recruit, enable, and co-sell with key partners, drive deal registration, joint go to market, and partner-led pipeline. • Build trusted advisor relationships with C-suite, security leaders, IT operations, and procurement/commercial teams. • Navigate UAE procurement processes (tenders/RFPs/RFIs, vendor pre-qualification, contract reviews) and coordinate internal approvals (legal, finance, delivery). • Own pricing, proposals, SoWs, and risk mitigation; drive compelling bids with presales and solution architects. • Land, expand, and renew multi‑year service contracts; identify cross‑sell/upsell motions across security, cloud, network, data, and compliance services. • Conduct QBRs/EBRs with clients and partners; track outcomes against success metrics and SLAs.

United Arab Emirates

Security / Cryptography Engineer

CE Labs

CE Labs designs and builds systems where security comes first — applied cryptography and rigorous engineering, backed by formal methods where correctness matters most.

Role Description At CE Labs, which we just spun off from Cryspen, we're all about creating the core security and privacy tools for the apps of tomorrow. We do everything from advanced, end-to-end encrypted protocols such as MLS to handling all the cryptography underneath. Plus, we assist others in bundling these into SDKs and applications. We are looking for a systems-minded engineer fluent in Rust to join our small team. Your main focus will be translating RFCs, complex cryptographic primitives, and academic papers into production-ready, safe, and highly optimized software. You will also actively help us design and create entirely new protocols and standards. - Develop and implement cryptographic protocols to enhance system security. - Collaborate with internal and external teams to integrate security protocols and cryptography into software applications. - Conduct security audits and vulnerability assessments to identify and mitigate risks. - Stay updated on the latest advancements in security and cryptography and apply them to our projects. - Work closely with clients to understand their security needs and provide tailored solutions. Qualifications - Strong foundation in applied cryptography and understanding of cryptographic protocols. - Experience with software development in Rust, specifically in security-focused applications. - Excellent problem-solving skills and the ability to work collaboratively in a small team setting. - A plus: A degree in Computer Science, Engineering, or a related field, or equivalent experience. - A plus: Interest in formal methods and their application in ensuring system correctness. Benefits - Flexible working hours - Public transportation benefits - Remote work - Room to grow personally and professionally - Family-friendly work environment - 4 day work week Company Description CE Labs designs and builds systems where security comes first — applied cryptography and rigorous engineering, backed by formal methods where correctness matters most.

Worldwide