Senior Information Security Analyst
  • United Arab Emirates Dubai
  • ARENGY
1 year before
31.01.2024
Protect and Defend
Cyber Defense Analysis
Job Description

ARENGY is a Digital and Cybersecurity Consulting Company operating in the Middle East from Dubai. Our customers are the most successful industry leaders executing projects around the globe. We are partnering with one of the leading Banking & Insurance Company in Dubai. We are looking for a Senior Information Security Analyst.

Responsibilities

Job Description :

Be responsible and accountable for the identity and access management program for the company.

Maintain and manage the IAM platform, create and enhance the knowledge base for ongoing operations of the platform.

Conduct periodic review of user accesses, identify, and address any process gaps.

Strengthen and mature the IAM program by maturing the user access management with implementation of RBAC.

Be responsible for conducting internal vulnerability assessment and penetration testing (VAPT) exercise on demand.

Able to conduct security architecture and network security review and provide right recommendations on gaps identified.

Conduct technology, process risk assessment, and articulate them in business language.

Conduct risk assessment of vendor information security in context of traditional managed services and cloud-based service.

Conduct periodic review of the cloud infrastructure and ensure remediation of security risks.

Support the team with topics on regulatory mandates, security audits.

Support the team with security projects and initiatives as per the strategic direction of the company year on year basis.

Support the team on BAU of security operational activities

Support the team on tracking, follow up and closure of security issues.

Support the team on incident investigations whenever its necessary.

Support the team on closure of audit and regulatory topics.

Provide necessary feedback to the team to ensure the knowledge from the security in projects, security designs are cascaded well within the team.

Profile / Requirements

Well versed with Identity and Access Management (IAM) concepts.

Have run IAM as a program in banking, financial services, or insurance industry.

Experienced in at least one of the industry leading IAM solution.

Have hands on expertise conducting vulnerability assessment and penetration testing.

Well versed with security architecture concepts.

Strong knowledge of network security.

Conceptual and foundational knowledge on cloud service providers like AWS, Azure etc.

Any security certifications on any of the reputed public cloud technologies is a plus.

Must have worked on either 2 or more security frameworks like ISO27001, CSA, OWASP, NIST,etc.

Any security certifications like CompTIA, SSCP, OSCP, CCSA, CCSP, OSCP, OSWE is a plus.

Very good in communication, professional English.

One of the primary requirements for the candidate is to be able to build great relationship internally and deliver the objectives in timely manner.

Quick response
Required Knowledge
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
Required Skills
  • S0147   Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0169   Skill in conducting trend analysis.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0159  Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).