Job Purpose
The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct initial analysis’s for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming first response assessment of the cyber Security incident and escalate to Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.
Principal Accountabilities
• Follow response procedures and other CIC related SOPs based on the incident impact analysis &predetermined response actions procedures
• Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solution
• Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
• Gain an understanding of security risks and controls
• Undertake first stages of false positive and false negative analysis
• Perform analysis of log files to collect more contextual information in order to triage security events
• Review and align priority, severity and classification of security incidents
• Collect contextual information and pursue technical root cause analysis & attack method analysis
• Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls led to the incident to be materialized
• Analyse reported cyber security events and incidents and recommend remediation and improvement actions
• Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
• Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
• Participate in post incident reviews and recommend improvements plans
• Investigate, document, and report on information security issues and emerging trends.
• Should be on-call 24 hours per day to respond to security emergencies.
Education
• Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA
Experience
• 5+ years of Information security or technology experience.
• 3+ years in relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling
• Exposer to OT security operation center experience will be a pulse.
