Senior Security Analyst
Date: 15 Nov 2023
Location: DUBAI, AE
The primary function of this role is to monitor the ENOC environment on a 24x7 basis and conduct advanced analysis of events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition, the role performs advanced response assessment of cyber security incidents and escalates to the Cyber Intelligence Center (CIC) Manager as per approved policies, processes and procedures.
•Follow response procedures and other CIC-related SOPs based on the incident impact analysis and predetermined response action procedures; manage the communication of policies and guidelines and monitor the compliance of CIC operations with the cyber-security policies and guidelines.
•Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour
•Handle incidents escalated from security analysts and conduct deep investigations.
•Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
•Conduct malware analysis using run-time analysis, comparative analysis, and reverse engineering tools
•Conduct digital forensics, deep investigations and evidence handling in line with best practices
•Perform threat hunting, discovery and exploration to identify threats that evade traditional detection tools.
•Perform proactive research to identify and characterize new emerging threats, vulnerabilities, and risks.
•Review and align priority, severity and classification of security incidents
•Develop metrics, reporting and documentation on frequency, impact, and types of incidents.
•Collaborate on the investigation of incidents, containment, remediation and root cause analysis
•Collaborate and conduct research to design and implement new security technology, update existing strategies, improve process and create additional documentation.
•Develop techniques and processes to identify anomalous behavioral patterns.
•Collect contextual information and pursue technical root cause analysis & attack method analysis
•Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
•Advocate security best practices, strategy, architecture, and assist in security design consultations.
•Apply strategic and tactical responses in challenging environments with heterogeneous systems.
•Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
•Participate in the development and implementation of new correlation rules and use cases in the SIEM, enhance the monitoring and detection capabilities of the CIC, and integrate the SIEM with other monitoring tools using appropriate scripting skills
•Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
•Participate in closing identified security audit points.
•Periodically report on IT security status, security systems efficiency, and recommended improvements to management.
•Must be on call 24 hours per day to respond to cyber security emergencies
Additional Principal Accountabilities
•Degree: Bachelor's degree in Computer Science, Engineering or a Business field, or equivalent; a Diploma with additional relevant experience.
•Required professional certifications: professional certificate such as CISSP, GCTI, GCFA or GNFA
•7+ years of Information security or technology experience.
•4+ years of relevant experience.
•Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government) is preferable.
•Working experience in cyber security threat monitoring and handling
•Exposure to OT security operations center work will be a plus.