Eram Talent, a leading Talent Acquisition Consultancy based in Saudi Arabia, is seeking a highly skilled Information Protection Analyst to join our team. We specialize in providing exceptional recruitment solutions to clients in various industries, including Oil & Gas, Petroleum, Infrastructure, Energy, Water, Transportation, Science & Technology, and Health Care.
The Information Protection Analyst will be responsible for safeguarding sensitive information and ensuring the integrity, availability, and confidentiality of data. This includes implementing and maintaining security controls, conducting risk assessments, and monitoring compliance with information protection policies and procedures.
The main purpose of the Information Protection Analyst is to perform the assigned jobs under one of the following functions:
- Access Management
- Security & Vulnerability Management
- Security Intelligence Center
Responsibilities:
- The main responsibilities of the Information Protection Analyst is to perform his duties under one of the following IT Information Protection sections:
- 1. Access Management
- 2. Security & Vulnerability Management
- 3. Security Intelligence Center
- Also, he/she will be responsible/accountable on the following activities:
- Identifies, analyzes, monitors, mitigates and manages threats and vulnerabilities to IT systems and networks
- Apply service-oriented security architecture principles to meet the organization's confidentiality, integrity and availability requirements
- Uses defensive measures and multi-source information to report events and respond to incidents
- Uses data collected from cyber defense tools to analyze events that occur within the organization to detect and mitigate cyber threats
- Ensure all systems security operations and maintenance activities are properly documented and updated as necessary
- Tests, implements, deploys, maintains and administers hardware and software that protect and defend systems and networks against cybersecurity threats
- Manages individuals and entities identities and access to resources through applying identification, authentication and authorization systems and processes
- Ensure identity access management implementations follow organization's standards and policies
- Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies. Measures effectiveness of defense-in-depth architecture against known vulnerabilities
- Collects and analyzes digital evidence, investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities
- Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques
- Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors' Tactics, Techniques and Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats
- Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation plans
- Designs and oversees the development, implementation and configuration of cybersecurity systems and networks
- Ensure that protection and detection capabilities are aligned with the organization's cybersecurity strategy, policies and other related documentation
Requirements
- Bachelor's degree in Computer Science, Information Security, or related field
- Minimum of 5 years of experience in information protection or cybersecurity
- Strong knowledge of information security principles, best practices, and technologies
- Experience in conducting risk assessments and vulnerability scans
- Knowledge of relevant industry regulations and compliance frameworks
- Excellent problem-solving and analytical skills
- Strong communication and interpersonal skills
- Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) are preferred
- Fluency in English and Arabic is required
- Experience working in Saudi Arabia or knowledge of Saudi Arabian information security regulations is a plus