Investigate, analyze, and respond to cybersecurity incidents. Investigate security incidents that may negatively impact ADNOC (including hacking attempts, intrusions, virus infections, mishandling of information, and other security threats), provide support during large incidents and investigations, and participate in threat hunting activities.
Define, develop, maintain and regularly test incident response processes and procedures.
Define and create use cases and scenarios to address new threats and improve security monitoring and alerting capabilities.
KEY ACCOUNTABILITIES:
Coordinate and provide expert technical support to enterprise-wide cybersecurity technicians to resolve cyber defense incidents.
Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
Perform cybersecurity incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
Track and document cybersecurity incidents from initial detection through final resolution.
Perform real-time cybersecurity incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
Write and publish cybersecurity techniques, guidance, and reports on incident findings to appropriate constituencies.
Employ approved defense-in-depth principles and practices.
Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cybersecurity incidents within the enterprise.
Write and publish 'after action' reviews.
Monitor external data sources to maintain an up-to-date understanding of current cybersecurity threats and determine which security issues may have an impact on the organization.
Coordinate incident response functions.
Provide expert technical support to resolve cyber defense incidents.
Coordinate with threat intelligence analysts to correlate threat assessment data.
Report cyber incidents to inform cyber defense.
Identify and select the most effective sources of information to assist with incident investigation.
Relationship Management
Develop and maintain effective business relationships with all relevant internal functions, departments, and external entities such as shareholders, key government authorities, service providers, vendors, and other key stakeholders with the highest standards of business ethics, whilst promptly attending to all critical issues in order to ensure the services required by the organization are delivered in the most effective manner.
Vendor Management
Provide technical expertise and guidance to conduct market analysis for new technological developments and the adaptability of relevant developments on Data Protection within the organization, in order to help ensure that technology at ADNOC stays current.
Lead the provision of technical expertise in developing RFPs and RFQs relevant to Enterprise Architecture; guide and advise the preparation of tendering and contractual documentation to ensure cost-effective and quality services are obtained for ADNOC.
Guide and participate in the negotiation of contractual terms and Service Level Agreements (SLA), ensuring protection of ADNOC's interests and receipt of an optimum level of services to facilitate IT operations.
Supervision
Plan, supervise and coordinate all activities in the assigned area to meet functional objectives.
Train and develop the assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective business objectives.
Budgets
Provide input for preparation of the Function / Division / Department / Section budgets, and assist in the implementation of the approved Budget and work plans to deliver business objectives.
Investigate and highlight any significant variances to support effective performance and cost control.
Policies, Systems, Processes & Procedures
Implement approved Function/ Division/ Department/ Section policies, processes, systems, standards, and procedures in order to support execution of the work programs in line with Company and International standards.
Performance Management
Contribute to the achievement of the approved Performance Objectives for the Function/ Division / Department/ Section in line with the Company Performance framework.
Innovation and Continuous Improvement
Design and implement new tools and techniques to improve the quality and efficiency of operational processes.
Identify improvements in internal processes against best practices in pursuit of greater efficiency in line with best industry standards in order to define intelligent solutions for issues confronting the function.
Health, Safety, Environment (HSE) and Sustainability
Comply with relevant HSE policies, procedures, controls, applicable legislation, and sustainability guidelines in line with international standards, best practices, and ADNOC Code of Practices.
Reports
Provide inputs to prepare MIS and progress reports for Company Management.
COMMUNICATIONS & WORKING RELATIONSHIPS:
Internal
Frequent contact with Senior Management of all Directorates on key issues relating to Enterprise Architecture and adoption of state-of-the-art technology in line with ADNOC's vision.
Regular contact with the counterparts in ADNOC Group Companies on intra-group coordination on Enterprise Architecture related issues.
External
Frequent contact with Contractors/Consultants/Suppliers at managerial level on matters relating to acquisition of IT services for Enterprise Architecture.
Technical meetings for Enterprise Architecture aspects with contractors and all other teams across ADNOC and other stakeholders.
Occasional contacts with senior management of international oil companies for exchange of information/benchmarking/study visits and training programmes.
Regular contacts with international IT service providers and telecommunication providers on matters related to IT services and strategic directions.
QUALIFICATIONS, EXPERIENCE, KNOWLEDGE & SKILLS:
Minimum Qualification
Bachelor's degree in Information Technology, Computer Science, Information Security or equivalent.
Minimum Experience & Knowledge & Skills
9 years of experience in information security or related technology experience.