Job Purpose:
The purpose of the Security Analyst role is to safeguard the organization's computer networks and systems through proactive defensive security measures. They are responsible for identifying vulnerabilities, monitoring security breaches, and responding to incidents in a timely manner. The Security Analyst also plays a crucial role in creating, implementing, and maintaining the company's information security Standard Operating Procedures (SOPs) and documentation. Their goal is to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization while strengthening the organization's security posture against evolving threats.
Roles and Responsibilities:
1: Business Performance
- Design and improve security controls for infrastructure and network systems, including firewalls, routers, switches, and intrusion detection/prevention systems (IDS/IPS).
- Support the implementation of a Network & Firewall Assurance Tool to automate firewall rule analysis, optimize network security configurations, and ensure continuous compliance with information security policies and industry standards.
- Support and contribute to the Defensive Assurance efforts by validating that applications and infrastructure components adhere to security best practices and organizational security requirements.
- Contribute to the design and implementation of a Logical Access Management solution for Identity and Access Management (IAM).
- Assist in deploying an SSE solution to enhance secure remote access, enforce security policies, and protect users, devices, and data in cloud and on-premises environments.
- Implement and optimize a DLP solution to prevent unauthorized access, sharing, or exfiltration of sensitive data across endpoints, cloud applications, and network traffic.
- Support the deployment of CASB solutions to enforce security policies, monitor cloud application usage, and mitigate risks associated with shadow IT and unauthorized cloud services.
- Assist in enhancing overall cloud security posture by contributing to the implementation of Cloud Security Posture Management (CSPM) tools for visibility, misconfiguration detection, and compliance monitoring, and support the evaluation or adoption of Cloud-Native Application Protection Platforms (CNAPP) to secure a multi-cloud infrastructure.
- Assist in enforcing Zero Trust principles by implementing access controls, continuous authentication, and network segmentation via the deployment of tools and configurations to reduce attack surfaces and limit lateral movement.
- Collaborate with stakeholders and assist in conducting technology and information security due diligence & risk assessments to identify, prioritize, and mitigate potential security risks.
- Implement and manage website protection, including WAF, DDoS protection, and threat intelligence-driven rules to safeguard public-facing assets against evolving threats.
- Assist in integrating application security best practices into the software development lifecycle, including secure code reviews and the identification of common vulnerabilities.
- Participate in the change control process to ensure security requirements are incorporated into system changes and implementations. Conduct post-implementation reviews of completed changes.
- Support and improve existing security awareness programs by educating employees on phishing, social engineering, and cybersecurity best practices.
- Conduct simulated phishing exercises and report findings to improve organizational security posture.
- Assist in developing targeted security training materials and promoting a culture of security awareness.
- Assist in assessing and executing technology audits across the operating companies to evaluate security controls, identify gaps, and ensure compliance with organizational policies and industry standards.
- Assist in internal and external security audits by gathering evidence and ensuring compliance on technical security controls.
- Generate status of technical controls for the monthly Information Security Management System (ISMS) reports.
- Ensure that baseline hardening documentation for network and infrastructure systems is up to date, relevant, and enforced.
- Conduct regular vulnerability assessments to identify, assess, and track vulnerabilities across infrastructure and applications. Collaborate with relevant teams to prioritize and remediate identified risks.
- Collaborate with the offensive security team on security testing and validation activities, including the use of automated security validation platforms, and assist in the prioritization and mitigation of findings.
- Participate in incident response activities, investigating security breaches and coordinating appropriate remediation actions.
- Assist in and guide the development and maintenance of incident response playbooks and standard operating procedures for infrastructure and network security incidents.
- Collaborate with other teams for incident response exercises to test and improve incident response preparedness.
- Actively research, evaluate, and drive next generation security technologies and solutions to solve the organization’s requirements.
2: Customers and Partner Relations
- Collaborate with GRC consultants to ensure infrastructure and network security aligns with compliance requirements and industry best practices.
- Work closely with the SOC team leads to integrate network security logs and events into the overall security monitoring and incident response processes.
- Collaborate with application security engineers during the development and deployment of secure network architectures for new applications.
- Manage and maintain security infrastructure components, ensuring their availability, performance, and adherence to security policies.
3: People Management
- Should be team oriented, generating a strong sense of team spirit amongst colleagues and other supporting departments working towards a shared vision.
- Establish and maintain a participative and supportive team culture amongst all team members.
- Manage and motivate colleagues, train and develop the knowledge and skills of the team, and ensure that procedures related to performance appraisals and employee compliance are followed.
4: Leadership/Innovation
- Stay updated with emerging security threats, vulnerabilities, and technologies, recommending and implementing appropriate security solutions.
- Provide technical expertise and guidance to internal teams regarding security best practices and secure system configurations.
- Collaborate with internal and external stakeholders during audits and assessments to ensure compliance with applicable regulations and standards.
- Contribute to the development and maintenance of security policies, standards, and procedures.
Education Qualification and Experience:
- A university degree or equivalent
- Familiarity with security solutions such as Data Loss Prevention (DLP), Identity and Access Management (IAM), Mobile Device Management (MDM) is desirable.
- Good understanding of Active Directory, Servers, Cloud technologies, Networking, Endpoint security, Email security, Office 365, and perimeter security.
- Expertise in incident response, including planning, execution, and conducting test drills to ensure organizational readiness.
- Experience in providing security advisory services, risk assessments, and mitigation recommendations.
- Strong understanding of technology risk assessment methodologies.
- Experience collaborating with cross-functional teams and working in a fast-paced, dynamic environment.
- Familiarity with Business Continuity Planning (BCP) and its integration with security operations.
- Familiarity with security frameworks and compliance requirements (e.g., PCI DSS, ISO 27001).
- Ability to work within change control processes and contribute to the design and implementation of security solutions.
- Familiarity with Information Security GRC practices.
- Proficiency with basic MS Office tools.
- Presentation skills.
- Experience with change control processes and implementing security solutions in complex environments.
- Experience with offensive security testing and vulnerability discovery (red teaming) is a plus.
- Previously assessed, developed, implemented, operationalized, and documented comprehensive security technologies and processes.
- Excellent communication skills in English.
- Attention to detail.