Information Protection Analyst (Saudi Arabia)

Eram Talent, a leading Talent Acquisition Consultancy based in Saudi Arabia, is seeking a highly skilled Information Protection Analyst to join our team. We specialize in providing exceptional recruitment solutions to clients in various industries, including Oil & Gas, Petroleum, Infrastructure, Energy, Water, Transportation, Science & Technology, and Health Care.

The Information Protection Analyst will be responsible for safeguarding sensitive information and ensuring the integrity, availability, and confidentiality of data. This includes implementing and maintaining security controls, conducting risk assessments, and monitoring compliance with information protection policies and procedures.

The main purpose of the Information Protection Analyst is to perform the assigned jobs under one of the following functions:

a.      Access Management

b.      Security & Vulnerability Management

c.       Security Intelligence Center

• The main responsibilities of the Information Protection Analyst is to perform his duties under one of the following IT Information Protection sections:
•         1. Access Management
•         2. Security & Vulnerability Management
•         3. Security Intelligence Center
• Also, he/she will be responsible/accountable on the following activities:
• Identifies, analyzes, monitors, mitigates and manages threats and vulnerabilities to IT systems and networks.
• Apply service-oriented security architecture principles to meet the organization's confidentiality, integrity and availability requirements
• Uses defensive measures and multi-source information to report events and respond to incidents.
• Uses data collected from cyber defense tools to analyze events that occur within the organization to detect and mitigate cyber threats.
• Ensure all systems security operations and maintenance activities are properly documented and updated as necessary.
• Tests, implements, deploys, maintains and administers hardware and software that protect and defend systems and networks against cybersecurity threats.
• Manages individuals and entities identities and access to resources through applying identification, authentication and authorization systems and processes.
• Ensure identity access management implementations follow organization's standards and policies.
• Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Collects and analyzes digital evidence, investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities.
• Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques.
• Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors’ Tactics, Techniques and Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.
• Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation plans.
• Designs and oversees the development, implementation and configuration of cybersecurity systems and networks.
• Ensure that protection and detection capabilities are aligned with the organization's cybersecurity strategy, policies and other related documentation.