IT Security Analyst

JOB PURPOSE/ OBJECTIVE

Ensure protection of company's assets by identify analyse and mitigate security threats and vulnerabilities. Plays a crucial role in developing and enforcing security policies and procedures to promote a culture of security. Responsible to implement the cyber security controls mandated by National Cyber Security Agency (NCSA) as part of the ongoing audits. handling resources in Information security to manage the peak loads during cyberattacks and handle incident responses and other aspects of cyber security. Manage the peak loads during cyberattacks and handle incident responses and other aspects of cyber security. responsible for implementing the technical controls that will be provided to company in the Roadmap by NCSA.

REQUIREMENTS

• Bachelor's/Master's degree in IT/Computer Science or any related discipline.
• Experience in Petrochemicals/oil & gas is prefered.
• Good understanding of the OT Security and IS 62443
• CCNA OSCP CompTia Security Plus Sans Incident Handling Certifications/ GCIH Blue Team security trainings preferred.

KEY ACCOUNTABILITIES

Routine Duties

• Plan for disaster recovery and create contingency plans in the event of security breaches.
• Keep up to date with latest technology and research emerging cyber security threats and ways to manage them.
• Liaise with the NCSA and other stakeholders in relation to cyber security issues roadmap and provide solutions and implement and lead the initiatives.
• Lead all technical audits conducted by the internal and external auditors.

IT Operations and Technical Support

• Handle security alerts and incidents that are reported.
• Investigate and follow the Incident Response procedure for handling all types of incidents.
• Monitor for attacks intrusions and unusual unauthorized or illegal activity.

Developing organization wide security protocols

• Test and evaluate security products design new systems and manage their upgrade use tools to identify potential weakness and threat patterns and vulnerabilities in our systems.
• Identify security products and implement measures like security devices and controls like encryption.
• Monitor the Identity and access management including monitoring for abuse of permissions.

Vulnerability Management

• Work with the teams to perform tests and uncover security vulnerabilities in the systems and network.
• Fix detected vulnerabilities to maintain a high security posture.
• Perform vulnerability analysis and penetration testing.

Liaise with ICS Security

• Coordinate with the various ICS Security teams at the plants to identify any risks related to IT/OT Convergence participate in architecting new solutions and identifying risks for new deployments in the ICS and plant systems.
• Provide guidance by following the international standards like ISA 62443.
• Design security controls to protect the IT and OT systems and networks in scope.