Cyber Security Analyst - Emirati Talent

Job Purpose

The primary function of this role is to monitor the ENOC environment on a 24/7 basis and conduct initial analyses for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to performing first response assessments of cyber security incidents, the analyst will escalate issues to the Senior Security Analyst for further investigation and response as per approved policies, processes, and procedures.

Principal Accountabilities

1. Follow response procedures and other CIC-related SOPs based on incident impact analysis and predetermined response actions.
2. Acknowledge, analyze, and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solutions.
3. Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
4. Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets.
5. Gain an understanding of security risks and controls.
6. Undertake first stages of false positive and false negative analysis.
7. Perform analysis of log files to collect more contextual information in order to triage security events.
8. Review and align priority, severity, and classification of security incidents.
9. Collect contextual information and pursue technical root cause analysis and attack method analysis.
10. Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls that led to the incident materialization.
11. Analyze reported cyber security events and incidents and recommend remediation and improvement actions.
12. Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
13. Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions.
14. Participate in post-incident reviews and recommend improvement plans.
15. Investigate, document, and report on information security issues and emerging trends.
16. Should be on-call 24 hours per day to respond to security emergencies.

Education

1. Degree: Bachelor’s degree in Computer Science, Engineering, or Business field or equivalent, Diploma with additional relevant experience.
2. Required professional certifications: Professional certificate such as CISSP, GCTI, GCFA, GNFA.

Experience

1. 5+ years of information security or technology experience.
2. 3+ years in relevant experience.
3. Working experience in multiple industries (e.g., Energy, Utilities, Retail, Government…) is preferable.
4. Working experience in cyber security threats monitoring and handling.
5. Exposure to OT security operation center experience will be a plus.