IT Security Analyst
  • United Arab Emirates Sharjah
  • Dawaam
1 year before
31.12.2023
Operate and Maintain
Systems Administration
Job Description

About the job
Industry Oil and Gas

Job Summary And Scope Of Responsibilities

The primary responsibility of a Security Analyst is to ensure the security of the organization’s physical and digital assets. The ideal candidate will be an experienced Security Analyst with a deep understanding of information security concepts and their implementation in the information technology area.

Major Responsibilities

Install and maintain security infrastructure, including Firewall, NDR, and SIEM systems.
Install, maintain, and troubleshoot network infrastructure.
Assess cloud providers and products, assess and improve cloud security posture.
Configure, troubleshoot and maintain security infrastructure software and hardware.
Develop security processes, procedures and performance metrics.
Assist in the security risk analysis for current and new systems and recommend solutions for reducing exposure areas.
Implement and maintain cloud security solutions.
Install and maintain physical security systems such as CCTV cameras, access control systems, and alarms.
Evaluate applications and software for security issues.
Research security enhancements and make recommendations to management.
Provide periodic reports of security status and vulnerability assessments.
Develop security standards and practices.
Develop and maintain documentation and diagrams for security tools, system environments, and cloud operations.
Educate staff members on information security through training and awareness.
Identify and maximize security value from existing investments.
Support the transition of on-premises security platforms and capabilities to new cloud-based capabilities.
Provide input to the information security strategy.
Interact and partner with Security Operations Center (SOC) team members as an escalation resource expert for incident response activities.
Provide tools and techniques to harden on-premises and cloud infrastructure.

Experience And Qualifications

Bachelor’s/Master’s in Computer Science
6-7 years’ experience in the Information Security field with hands-on experience in cloud security, network security and security technologies.
2-3 years’ experience in Networking Technologies
1+ years’ experience in Leading Cloud Technologies, Cloud Security, DevSecOps, Automation
Hands-on experience with security products like Check Point
Working knowledge of scripting tools like PowerShell, Python
Diverse skill set with one or more security technologies, such as NDR (Network Detection and Response), NGFW (Next-Gen Firewall), WAF (Web Application Firewall), NAC (Network Access Control), SD-WAN, etc.
Critical thinking skills and the ability to solve problems as they arise
Self-starter, capable of working independently and in a team environment, collaborating well with others to solve problems in a team-focused dynamic.
Excellent reporting and presentation skills
Knowledge of implementing security best practices and strong documentation capabilities.
Knowledge of networking protocols and operations, cloud infrastructure and services, operating system internals and hardening.

Generic Requirements

Manage parallel activities and competing priorities.
Keep current with evolving security threats and remediation techniques.
Assess business needs and expectations, design solutions to meet those needs, and then implement the design.

Certifications

Certified Information Systems Security Professional (CISSP)
CCNA
EC-CEH
CCSK/CCSP Preferred



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0049   Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • K0064   Knowledge of performance tuning tools and techniques.
  • K0088   Knowledge of systems administration concepts.
  • K0100   Knowledge of the enterprise information technology (IT) architecture.
  • K0167   Knowledge of system administration, network, and operating system hardening techniques.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0346   Knowledge of principles and methods for integrating system components.

Required Skills
  • S0016   Skill in configuring and optimizing software.
  • S0143   Skill in conducting system/server planning, management, and maintenance.
  • S0151   Skill in troubleshooting failed system components (i.e., servers)
  • S0153   Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
  • S0154   Skill in installing system and component upgrades. (i.e., servers, appliances, network devices).
  • S0155   Skill in monitoring and optimizing system/server performance.
  • S0158   Skill in operating system administration. (e.g., account maintenance, data backups, maintain system performance, install and configure new hardware/software).

Required Abilities
  • A0025  Ability to accurately define incidents, problems, and events in the trouble ticketing system.
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0034  Ability to develop, update, and/or maintain standard operating procedures (SOPs).
  • A0074  Ability to collaborate effectively with others.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).