The primary function of this role is to monitor the ENOC environment on a 24*7 basis and conduct initial analysis of events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition, the role performs first-response assessment of cyber security incidents and escalates them to the Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.
- Follow response procedures and other CIC-related SOPs based on the incident impact analysis and predetermined response action procedures
- Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through the SIEM or other security solutions
- Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
- Gain an understanding of security risks and controls
- Undertake first stages of false positive and false negative analysis
- Perform analysis of log files to collect more contextual information in order to triage security events
- Review and align priority, severity and classification of security incidents
- Collect contextual information and pursue technical root cause analysis & attack method analysis
- Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls that allowed the incident to materialize
- Analyse reported cyber security events and incidents and recommend remediation and improvement actions
- Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
- Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
- Participate in post-incident reviews and recommend improvement plans
- Investigate, document, and report on information security issues and emerging trends.
- Should be on call 24 hours per day to respond to security emergencies or other related problems
- Should work on a shift schedule that includes weekends
- Degree: Bachelor’s degree in Computer Science, Engineering or a Business field, or equivalent; or a Diploma with additional relevant experience.
- Required professional certifications: a professional certificate such as CISSP, GCTI, GCFA or GNFA
- 5+ years of information security or technology experience.
- 3+ years of relevant experience.
- Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government) is preferable.
- Working experience in cyber security threats monitoring and handling
- Exposure to OT security operations center work will be a plus.
To apply for this job please visit www.gccrecruitments.com.