44 Information Governance jobs in Egypt

Perform the required data exploration activities needed to set proper data elements definitions used in the process of creating information and analytics using machine learning, data mining, and information quality techniques in order to set proper data elements definitions used in the process of creating information and analytics.

1. Identify information quality defects patterns and trends and perform root-cause analysis, gap analysis, and impact analysis to solve complex business problems.

2. Generate Information Quality analytical monitoring reports in order to capture and highlight any issues in the data transformation process into Information and knowledge and highlight their impact on the decision making process

3. Generate Information Quality Dashboards to provide senior management with proper visual monitoring and tracking tools to monitor the defects in business processes, SOPs or data transformation, and track the progress of eliminating the defects.

4. Validate and verify that the transformation rules, selection criteria, and filtration criteria used in reports and analytical models match the defined standard for each data element in order to ensure the accuracy and integrity of the decision making process.

5. Monitor and report any inconsistencies, uniqueness and incompleteness issues in the business terms, aggregation methods, and business rules definitions in the enterprise business glossary to maintain the consistency of information .

6. Collaborate with other business areas that are sourcing and consuming information and analytics to align expectations as part of developing requirements, creating and executing business plans in order to ensure following the Information quality guidelines.

7. Apply the information and analytics governance framework including the management of business rules, operating model, information and analytics related policies and standards in order to deliver a smooth operation process.

8. Participate in the required research and POCs to explore and implement new technology trends and complex information and analytics governance use cases in order to enhance the enterprise data governance operating model.

9. Apply the data management framework including the management of data, information and analytics operating model, data policies and standards in order to deliver a smooth operation process.

Policies, Processes and Procedures

1. Follow all relevant department policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner

Day-to-day Operations

1. Follow the day-to-day operations related to own jobs in the department to ensure continuity of work

Compliance

1. Comply with all relevant CBE regulations, banking laws, AML regulations and internal policies and code of conduct in order to maintain sound legal position and mitigate any potential risks

2. Monitor and ensure that Information and Analytics related decisions, processes, and controls subject to Data transformations are auditable;

3. Business Glossary should be timely updated to reflect the real situation.

4. Information architecture should be always up-to-date and reflecting the existing facts.
5. Documentation should be available to support compliance-based and operational auditing requirements.

 Bachelor's degree of Information Systems, Computer Science or its equivalent

Minimum 2 - 4 years of previous work experience

xperience in data analysis, data governance, information governance, data management, or data analytics related jobs would be a plus.

ood Knowledge in database concept and PL-SQL, BI concepts (ETLs, Cubes, Dashboards, ) is a must

ood Knowledge in Python or R is a must

ood Knowledge in Data Mining techniques and dealing with huge data sets is a plus

ood Knowledge in Data Visualization tools is a plus

trong Analytical skills with a high degree of accuracy

trong Problem Solving and Data Manipulation Skills

bility to analyze Complex business problems

bility to exercise good judgment and discretion, especially with regards to sensitive or confidential personnel and organizational matters

emonstrated ability to 1) effectively work in an ambiguous environment, 2) effectively work in a cross-team environment and 3) succeed in a complex and dynamic work environment.4) Work independently, directly with the business partners.

 rong interpersonal and communication skills; ability to develop and maintain effective working relationships with persons at all levels in the organization

igh energy and high endurance; ability to respond flexibly and positively in all circumstances; calm under pressure and tight deadlines

trong organizational skills; ability to work independently and to prioritize a heavy workload of competing assignments

Perform the required data exploration activities needed to set proper data elements definitions used in the process of creating information and analytics using machine learning, data mining, and information quality techniques in order to set proper data elements definitions used in the process of creating information and analytics.

• Identify information quality defects patterns and trends and perform root-cause analysis, gap analysis, and impact analysis to solve complex business problems
• Generate Information Quality analytical monitoring reports in order to capture and highlight any issues in the data transformation process into Information and knowledge and highlight their impact on the decision making process
• Generate Information Quality Dashboards to provide senior management with proper visual monitoring and tracking tools to monitor the defects in business processes, SOPs or data transformation, and track the progress of eliminating the defects
• Validate and verify that the transformation rules, selection criteria, and filtration criteria used in reports and analytical models match the defined standard for each data element in order to ensure the accuracy and integrity of the decision making process
• Monitor and report any inconsistencies, uniqueness and incompleteness issues in the business terms, aggregation methods, and business rules definitions in the enterprise business glossary to maintain the consistency of information
• Collaborate with other business areas that are sourcing and consuming information and analytics to align expectations as part of developing requirements, creating and executing business plans in order to ensure following the Information quality guidelines
• Apply the information and analytics governance framework including the management of business rules, operating model, information and analytics related policies and standards in order to deliver a smooth operation process
• Participate in the required research and POCs to explore and implement new technology trends and complex information and analytics governance use cases in order to enhance the enterprise data governance operating model
• Apply the data management framework including the management of data, information and analytics operating model, data policies and standards in order to deliver a smooth operation process

Policies, Processes and Procedures

• Follow all relevant department policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner

Day-to-day Operations

• Follow the day-to-day operations related to own jobs in the department to ensure continuity of work

Compliance

• Comply with all relevant CBE regulations, banking laws, AML regulations and internal policies and code of conduct in order to maintain sound legal position and mitigate any potential risks
• Monitor and ensure that Information and Analytics related decisions, processes, and controls subject to Data transformations are auditable;
• Business Glossary should be timely updated to reflect the real situation
• Information architecture should be always up-to-date and reflecting the existing facts
• Documentation should be available to support compliance-based and operational auditing requirements

Requirements
 Bachelor's degree of Information Systems, Computer Science or its equivalent

Minimum 2 - 4 years of previous work experience

xperience in data analysis, data governance, information governance, data management, or data analytics related jobs would be a plus.

ood Knowledge in database concept and PL-SQL, BI concepts (ETLs, Cubes, Dashboards, ) is a must

ood Knowledge in Python or R is a must

ood Knowledge in Data Mining techniques and dealing with huge data sets is a plus

ood Knowledge in Data Visualization tools is a plus

trong Analytical skills with a high degree of accuracy

trong Problem Solving and Data Manipulation Skills

bility to analyze Complex business problems

bility to exercise good judgment and discretion, especially with regards to sensitive or confidential personnel and organizational matters

emonstrated ability to 1) effectively work in an ambiguous environment, 2) effectively work in a cross-team environment and 3) succeed in a complex and dynamic work environment.4) Work independently, directly with the business partners.

trong interpersonal and communication skills; ability to develop and maintain effective working relationships with persons at all levels in the organization

igh energy and high endurance; ability to respond flexibly and positively in all circumstances; calm under pressure and tight deadlines

trong organizational skills; ability to work independently and to prioritize a heavy workload of competing assignments

Ensure proposing the security policies and conduct their annual review in alignment with the Enterprise Risk Management framework set by the 2nd line to be reviewed by the relevant stakeholders according to the policy review process. Follow the developed Data Classification & Protection program and carry on the related activities to classify and protect the bank's crown jewels and critical information assets.

Maintain the necessary controls to protect information and vital assets in accordance with security requirements and industry standards (privacy requirements, Personal Identifiable Information, encryption, Data Loss Prevention, data retention and destruction) for both structured and unstructured data.

Maintain the sensitive data inventory and data flows across all departments to ensure increased visibility & control of enterprise data landscape.

Liaise with IT security infrastructure team to ensure effective utilization and proper policy setup over the different security tools such as the Data Loss Prevention, Data Classification and the URL Web Filtering tools for proper handling of the bank's information according to the developed Information Governance policy.

Review and configure the information classification and protection tools' policies to enforce the proper classification of the bank's documents and files and applying the appropriate rights, documents' security and security controls accordingly.

Monitor and track the violations to the developed information access & handling security policies to ensure the necessary disciplinary actions take place. This includes unjustified access to information, data leakage attempts, improper handling of information assets, etc.

Maintain, review and update the standard operating procedures (SOP), for the different access management approvals and ensure proper adherence to the set SLA.

Maintain and develop an Enterprise Mobility Management (EMM) strategy and ensure the appropriate policies are applied on the EMM solution to ensure the adequate protection of information and accessibility over mobile devices.

Provide security controls approvals over information & Data related access requests, similar to Removable Media Access, External Email Access, Special Internet Access and EMM Access, to ensure proper business justification is in place and according to the defined process and SLA.

Identify and report awareness gaps related to the data classification and protection policies and guidelines to support the creation of relevant awareness campaigns

Qualifications & Experience

 Bachelor's degree of Engineering, Computer Science, Information Security or equivalent

Officer: Minimum 4 - 6 years of experience in IT, Information Security and/or Governance, Risk and Compliance

enior Officer: 6 - 8 years of experience in IT, Information Security and/or Governance, Risk and Compliance

isk management background

ecommended Certifications

o SANS Global Information Assurance Certification (GIAC)

o CISM

o ISO 27001:2013 Lead implementer

Skills

ery Good command of English and Arabic languages

ery Good Communication skills

ery Good Time Management skills

Requirements:

• Bachelor's degree in Computer Engineering, Information Technology, or related field.

• 1–2 years of relevant experience in Information Security operations.

• Knowledge of networking, operating systems (Windows/Linux).

• Certifications such as CCNA, MCSA, or Linux are a plus.

• Good understanding of firewalls and endpoint security solutions.

• Strong problem-solving and analytical skills.

• Applicants must be residents of Alexandria.

Job Duties:

• Implement and monitor security measures to protect computer systems, networks, and information.

• Identify and define system security requirements.

• Design security architecture and develop detailed cybersecurity designs.

• Manage and troubleshoot firewalls, endpoint security, and related security tools.

• Respond to and investigate security incidents.

If you are interested, kindly send your updated CV to with email subject Information Security Engineer

About Us

We're a growing
fintech startup
reimagining secure financial systems. Security is not a department — it's a culture. We're looking for an engineer who thrives at the intersection of
development, operations, and security
— someone eager to help us
shift security left
and embed it into our
SDLC
.

About the Role

As a
Security Software Engineer
, you will play a key role in securing our systems from design to deployment. You will work closely with engineers, DevOps, and product teams to
integrate security practices
, ensure
cloud and infrastructure safety
, and support
compliance initiatives
like ISO or PCI DSS.

What You'll Do

• Embed security throughout the
  software development lifecycle (SDLC)
• Build and maintain
  security tools
  , scripts, and automations
• Integrate security controls into CI/CD pipelines
• Conduct threat modelling, secure code reviews, and vulnerability assessments
• Monitor and respond to incidents using
  SOC tools
  (e.g., Wazuh, Suricata, OSSIM)
• Support and enforce
  cloud security best practices
  (AWS/Azure)
• Collaborate with engineers to
  raise security awareness
  and fix vulnerabilities
• Participate in and contribute to
  ISO 27001, PCI DSS
  , and similar processes
• Document security standards and provide internal training

What We're Looking For

• 3+ years in
  security engineering
  , DevSecOps, or a similar role
• Strong familiarity with
  SDLC security practices and shift-left approach
• Experience with one or more
  programming/scripting languages
  (C#, Python, Bash, etc.)
• Experience working with
  Agile and XP teams
• Hands-on experience with
  SOC tools
  , SIEM, and log correlation
• Good grasp of
  cloud security (IAM, encryption, networking)
• Familiar with
  DevOps tooling
  (CI/CD, Docker, IaC, etc.)
• Solid foundation in
  networking protocols, firewalls, VPNs
• Competence with
  Git-based workflows
• Contributed to or maintained parts of
  ISO 27001, PCI DSS
  , or SOC2 programs

Nice to Have

• Certifications:
  Security+
  ,
  CISSP
  ,
  OSCP
  ,
  CEH
  , or cloud security credentials
• Experience with
  threat intelligence
  ,
  attack simulation tools
  , or
  bug bounty triage
• Exposure to
  Zero Trust architectures
• Familiarity with tools like
  Trivy, Checkov, Snyk, Owasp ZAP
• Experience in
  incident response and postmortems

Why Join Us?

• Flexible hours, outcome-based work
• Culture of transparency, agility, and collaboration
• Work with a team that values
  security as code
• High-impact role in shaping secure fintech systems
• A strong platform for
  growth, innovation, and leadership

Job No:

Location: Egypt

Role Profile:

The GRC Lead – Privacy, Risk & Access Management will play a pivotal role in strengthening Alshaya Group's governance, risk, and compliance posture with a core focus on data privacy, enterprise risk management, and identity & access governance. This role will also lead and support cross-functional security projects such as SSO integration and user access reviews, ensuring secure, compliant, and business-aligned identity practices across the enterprise.

The Below Key Performance Areas include but are not limited to:

 Develop and implement privacy and data protection policies aligned with GDPR, KVKK, PDPL, and other regional regulations.

Conduct DPIAs, PIAs, and privacy risk assessments to ensure responsible data handling.

anage enterprise risk through a structured Risk Management Framework and maintain the Enterprise Risk Register.

efine and enforce IAM policies including RBAC, SoD, and user access reviews.

ead or support IAM initiatives such as SSO integrations, PAM implementations, and access certification campaigns.

lign GRC and IAM practices with standards like ISO 27001, NIST, PCI DSS, and SOX.

acilitate internal and external audits, assessments, and third-party reviews.

versee GRC tools and privacy platforms (e.g., Archer, OneTrust, ServiceNow GRC).

rive cross-functional projects including policy harmonization and audit remediation.

repare executive-level reports and dashboards for governance and compliance oversight.

ct as a liaison for privacy, risk, and IAM discussions across departments.

romote GRC awareness and training across the organization.

Knowledge:

trong understanding of global privacy regulations (e.g., GDPR, KVKK, PDPL) and data protection principles.

n-depth knowledge of enterprise risk management frameworks and risk assessment methodologies.

amiliarity with IAM concepts including RBAC, SoD, SSO, PAM, and identity lifecycle management.

xperience with compliance standards such as ISO 27001, NIST, PCI DSS, and SOX.

roficiency in using GRC and privacy management tools (e.g., Archer, OneTrust, ServiceNow GRC).

bility to lead cross-functional projects and integrate GRC, IAM, and privacy workflows.

trong stakeholder engagement and communication skills for executive and cross-departmental collaboration.

nalytical skills for conducting DPIAs, PIAs, and interpreting KRIs and audit findings.

nowledge of authentication protocols (e.g., SAML, OIDC) and identity governance best practices.

xperience in managing DSARs, breach responses, and audit readiness activities.

Experience:

-7 years experience in Information Security Domain

achelor's degree in Information Security, Computer Science, Risk Management, or related field. Master's degree or MBA is a plus.

IPP/E, CIPM, or other IAPP certifications; CRISC, CISA, or ISO 27001 Lead Implementer; Identity and Access certifications such as Azure, Okta, or SailPoint; ITIL or PMP for project management is a plus.

Skills:
br>
Strong understanding of IAM principles, SSO protocols (SAML, OIDC), and identity lifecycle.

nowledge of privacy regulations and enterprise risk frameworks.

xcellent stakeholder management, communication, and cross-functional collaboration skills.

roficient in GRC tools , Privacy Tools & Access management platforms.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

About Us
NowPay (YC W21) is a FinTech startup building a financial-wellness platform for employees in emerging markets. Saving, spending, budgeting and borrowing. Those are the 4 pillars of financial-wellness. NowPay aims to improve every aspect of those for employees by building products that tackle every vertical.

NowPay enables employees to get their salaries in advance at any point in time during the month and also pay their bills instantly. NowPay is backed by YCombinator, 500 Startups, BECO Capital, Global Ventures, Endure, Plug and Play, MSA Capital, 4dx, Foundation Ventures, EFG and Beltone.

Job Description
Role Summary:
We are seeking a skilled and proactive Information Security Engineer to lead and scale NowPay's cybersecurity posture. This role is critical to securing sensitive employee financial data, ensuring the integrity of salary disbursement systems, and supporting regulatory compliance (e.g. local regulators, PCI-DSS, and GDPR). The successful candidate will be responsible for designing and enforcing best-in-class security practices across our platforms, cloud infrastructure, and internal processes.

Key Responsibilities
Security Strategy & Architecture

• Define and continuously improve NowPay's information security strategy, policies, and controls across all layers (cloud, app, infrastructure).
• Lead threat modeling and risk assessment activities for new and existing systems.
• Ensure secure design of new fin-tech products including salary advance, BNPL, and bill payment services.

Vulnerability Management & Monitoring

• Conduct regular security assessments, vulnerability scans, and penetration testing.
• Monitor and respond to security incidents, collaborating with engineering and DevOps teams for resolution.
• Maintain and enhance audit logging, intrusion detection, and alerting systems.

Cloud & Application Security

• Implement secure configurations and hardening of AWS infrastructure (IAM, EC2, S3, RDS, etc.).
• Ensure secure code practices via CI/CD pipelines, code reviews, and dependency scanning (GitHub, Jira).
• Support the engineering team with encryption, tokenization, and data integrity mechanisms.

Compliance & Risk

• Support compliance with relevant regulatory frameworks (local regulators, PCI-DSS, ISO
• Manage security documentation, audits, and incident response playbooks.
• Collaborate with legal and compliance teams on security requirements for licensing or audits.

Employee Security Enablement

• Lead security awareness training for employees (e.g., phishing, password hygiene, secure device usage).
• Manage identity and access management (IAM), two-factor authentication, and role-based access controls.

Requirements

• 3+ years of experience in information security, preferably in fin-tech, banking, or SaaS environments.
• Hands-on experience with cloud/on-site security.
• Familiarity with regulatory and compliance standards: local regulators, GDPR, PCI-DSS, ISO 27001.
• Proficient in tools such as Metabase, GitHub, Jira, SIEMs, firewalls, and endpoint protection systems.
• Strong knowledge of OWASP Top 10, encryption protocols, and authentication systems.
• Bachelor's degree in Computer Science, Information Security, or related fields.

Benefits

• Medical insurance coverage
• Social insurance
• Salary advance

check(event) ; career-website-detail-template-2 => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Job No:

Location: Egypt

Role Profile:

The GRC Admin will be responsible in implementing, interpreting, and ensuring compliance with information security policies. Assess and prioritize cybersecurity risks, supporting regulatory compliance, and report security metrics, maintaining governance standards, conducting risk assessments for internal systems and third-party vendors, enforcing security policies, and advising leadership on risk strategies such as mitigation, reduction, transfer, exception handling, and residual risk analysis.

The Below Key Performance Areas include but are not limited to:

 Implement a data security & privacy risk reporting framework aligned with ISO standards.

Design and document controls to ensure compliance with regulatory and internal requirements.

acilitate remediation of control gaps and escalate critical issues to leadership.

anage exception review processes and ensure periodic documentation and review.

repare for and support regulatory examinations such as PCI DSS.

ollaborate with auditors and control owners to ensure timely completion of requests.

onitor and analyze information security metrics to evaluate program effectiveness.

onduct risk assessments to identify vulnerabilities in systems and third-party products.

ecommend and implement controls to mitigate identified security risks.

ommunicate risk findings and actionable recommendations to stakeholders.

upport workforce security initiatives including awareness and training programs.

acilitate eDiscovery and data collection for investigations of policy violations.

nalyze security incidents and coordinate remediation and awareness efforts.

ontribute to the development and lifecycle management of security policies and procedures.

ollaborate across the organization to implement and enforce security policies.

Knowledge:

nderstanding of ISO standards and frameworks for information security risk reporting.

nowledge of designing and implementing technical, administrative, and physical security controls.

amiliarity with regulatory compliance requirements (e.g., GDPR, PCI DSS) and audit processes.

xperience in managing exception handling processes and compliance documentation.

bility to evaluate and improve the effectiveness of information security programs using metrics.

roficiency in conducting and documenting information security risk assessments.

nowledge of risk mitigation strategies and control implementation.

trong communication skills to convey risk findings and recommendations to stakeholders.

wareness of workforce security practices, including training and awareness programs.

xperience with eDiscovery processes and handling policy violation investigations.

nalytical skills for incident analysis and coordination of remediation efforts.

nderstanding of policy development, lifecycle management, and enforcement.

bility to collaborate across departments to implement security policies effectively.

Experience:

years experience in Information Security Domain

raduation Degree/BTech, Computer Science

ecurity +, Networking, certifications is added advantage.

Skills:
br>
Strong knowledge of information security governance, risk assessment, and compliance frameworks (e.g., GDPR, PCI DSS).

bility to develop, implement, and manage security policies, controls, and awareness programs.

roficiency in conducting risk assessments and analysing security metrics to support decision-making.

xcellent communication and collaboration skills for working with leadership, auditors, and cross-functional teams.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

• Establish and maintain the organization's Cyber Defense methodology in line with security regulations and requirements.
• Obtain senior management endorsement for security policies, standards, and procedures by clearly articulating their benefits.
• Investigate cybersecurity incidents and violations, reporting findings and recommendations to the CISO.
• Respond rapidly and effectively to cybersecurity incidents in line with incident management processes.
• Prepare periodic performance reports based on analysis and correlation of security events.
• Oversee projects and deployments of security tools to ensure an effective security posture.
• Lead the Security Operations Center (SOC) team, including shift planning and operational tool implementation.
• Manage the Cyber Defense Centre and its resources to ensure operational effectiveness.
• Maintain the security of corporate information against all internal and external threats.
• Provide security input into the organization's strategic planning process and enterprise-level decisions.
• Implement and maintain the organization's information security program in alignment with business objectives.
• Raise major cybersecurity incidents directly to the CISO.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related field.
• 10+ years of experience in Information Security / Cyber Defense.
• Proven experience managing SOC teams and cyber defense operations.
• Strong knowledge of incident response, threat detection, and security monitoring.
• Hands-on expertise with SIEM, endpoint protection, and enterprise security tools.
• Relevant certifications (CISSP, CISM, CISA, or equivalent) preferred.
• Strong analytical, leadership, and communication skills.