Information Security Analyst | Group Technology | Corporate Services
Established in the 1930s as a trading business, Al-Futtaim Group today is one of the most diversified and progressive privately held regional businesses headquartered in Dubai, United Arab Emirates. Structured into five operating divisions (automotive, financial services, real estate, retail and healthcare) and employing more than 35,000 employees across more than 20 countries in the Middle East, Asia and Africa, Al-Futtaim Group partners with over 200 of the world's most admired and innovative brands. Al-Futtaim Group's entrepreneurship and relentless customer focus enable the organisation to continue to grow and expand, responding to the changing needs of our customers within the societies in which we operate.
By upholding our values of respect, excellence, collaboration and integrity, Al-Futtaim Group continues to enrich the lives and aspirations of our customers each and every day.
We are currently seeking an experienced professional to join our Group Technology & Digital Platforms Team in the capacity of Information Security Analyst.
Overview of the role
The Entry-Level Information Security Analyst will play a key role in supporting our Cyber Defence activities and will be responsible for working on various aspects of information security, focusing on SIEM administration, Security Operations Centre (SOC) event monitoring and investigations, and vulnerability assessment. This is an exciting opportunity to join a dynamic SOC team and play a key role in defending our organization against cyber threats.
What you will do
- Administration and maintenance of QRadar appliances, including software updates, patches, and upgrades.
- Monitoring and analyzing security events and incidents detected by QRadar.
- Performing regular health checks, tuning, and optimization of QRadar system components.
- Troubleshooting and resolution of issues related to QRadar functionality and performance.
- Collaboration with IT security teams to develop and refine use cases and threat detection strategies.
- Providing support and assistance to other IT teams and stakeholders on QRadar-related matters.
- Documentation of QRadar configurations, processes, and procedures.
Security Operations and Incident Management
- Monitor security alerts and events detected by security monitoring systems, including SIEM, IDS/IPS, endpoint security, and other security tools.
- Investigate and analyze security incidents to determine the root cause, impact, and appropriate response.
- Perform in-depth analysis of security events and incidents to identify indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by threat actors.
- Develop and execute containment, eradication, and recovery plans for security incidents in coordination with incident response teams and other stakeholders.
- Document incident findings, analysis, and actions taken in incident tickets and reports.
- Collaborate with other teams, including IT, network operations, and application teams, to coordinate response efforts and implement security controls.
- Participate in security incident response exercises, tabletop simulations, and post-incident reviews to improve incident response processes and procedures.
- Perform vulnerability scanning and support closure of the findings with the wider team.
- Stay up to date on emerging threats, vulnerabilities, and security technologies through training, research, and knowledge sharing.
Process, Procedure and Knowledge Management
- Collaborate with team members and ensure the periodic update of all SOC-specific processes, procedures and activity lists.
- Upgrade skills as needed on an ongoing basis to meet the requirements of a SOC analyst.
Required skills to be successful.
- Strong foundational knowledge of information security principles and concepts.
- Proficiency in analytical and problem-solving skills.
- Exceptional communication and teamwork abilities.
- Effective organizational and time management skills, especially in an operational role.
- Commitment to strict adherence to SLAs to provide excellent support for critical business issues.
- Familiarity with commonly utilized security tools and technologies is an asset.
What equips you for the role
- Relevant Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience).
- Minimum 8+ years of experience.