Reviews security requirements and assesses the security posture of current EBC systems and new projects to identify gaps or improvements based on risk assessments, threat modeling, and technical testing.
Participates in design and initial implementation of new technical scrutiny controls.
Handles risk management review, monitoring and reporting till it reaches to EBC risk appetite.
Reviews and examines systems compliance against present security standards and the PCI DSS, PCI PIN Security, 3DS, TSP, ISO27001, etc.
Audits different systems and all technical department operations against security standards and internal policies.
Analyzes new application architecture against the security standards and best practice and provide security sign-off before live deployment.
Asses the controls of different cloud platform used.
Perform third party risk management activities according to EBC process.