Information Security Administrator
  • United Arab Emirates Sharjah
  • Dautom
1 year ago
31.01.2024
Protect and Defend
Cyber Defense Infrastructure Support
Job Description

Responsibilities:

Performs user and access administration on designated systems and applications, in accordance with the defined policies, standards and procedures of the organization

Performs system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines

Performs installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems

Performs threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities

Applies patches where appropriate and, at the direction of [manager responsible for security administrator], removes or otherwise mitigates known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards

Locates and repairs security problems and failures

Collates security incident and event data to produce monthly exception and management reports

Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate

Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes

Assists and trains junior team members in the use of security tools, the preparation of security reports and the resolution of security issues

Develops and maintains documentation for security systems and procedures

Researches, recommends, evaluates and implements cybersecurity solutions that identify and/or protect against potential threats, and respond to security violations

Provides guidance to junior members of the team

Qualifications:

Minimum of [2+] years of IT or network security experience:

[1-2] years of experience for a junior security administrator

[3-5] years of experience for a senior security administrator

Bachelor's degree in information systems, or equivalent work experience

Certifications from [list of required vendor certifications].

Certifications from [list of required independent security organizations offering certification] or other certifications at the discretion of [manager responsible for security administrator]

Strong analytical and problem-solving skills to enable effective security incident and problem resolution

Proven ability to work under stress in emergencies, with the flexibility to handle multiple high-pressure situations simultaneously

Ability to work well under minimal supervision

Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel

Strong written and verbal communication skills

Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships

Experience in developing, documenting and maintaining security procedures

Technical Competency

Knowledge of cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management

Technical proficiency with security-related systems and applications, especially [list of technologies used by (company name)]

Experience in developing, documenting and maintaining security procedures

Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts

Working technical knowledge of current systems' software, protocols and standards

Strong knowledge of TCP/IP and network administration/protocols



Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0042   Knowledge of incident response and handling methodologies.
  • K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0334   Knowledge of network traffic analysis (tools, methodologies, processes).

Required Skills
  • S0053   Skill in tuning sensors.
  • S0054   Skill in using incident handling methodologies.
  • S0077   Skill in securing network communications.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).