Security Analyst
ENOC - SSC
The primary function of this role is to monitor the ENOC environment on a 24*7 basis and conduct initial analysis of events to identify any cyber security threats or attacks on ENOC IT/OT assets. The role also performs first-response assessment of cyber security incidents and escalates them to the Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.
Operational
• Follow response procedures and other CIC-related SOPs based on the incident impact analysis and predetermined response actions
• Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solution
• Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
• Gain an understanding of security risks and controls
• Undertake first stages of false positive and false negative analysis
• Perform analysis of log files to collect more contextual information in order to triage security events
• Review and align priority, severity and classification of security incidents
• Collect contextual information and pursue technical root cause analysis & attack method analysis
• Conduct analysis of events/incidents to identify deficiencies in deployed controls that allowed the incident to materialize
• Analyse reported cyber security events and incidents and recommend remediation and improvement actions
• Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
• Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
• Participate in post incident reviews and recommend improvements plans
• Investigate, document, and report on information security issues and emerging trends.
• Should be on call 24 hours per day to respond to security emergencies or other related problems
• Should work on a shift schedule that includes weekends
Education
• Degree: Bachelor’s degree in Computer Science, Engineering or a Business field or equivalent, or a Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI, GCFA or GNFA
Experience
• 5+ years of Information security or technology experience.
• 3+ years of relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government) is preferred.
• Working experience in cyber security threats monitoring and handling
• Exposure to an OT security operations center will be a plus.