CYBERSECURITY SENIOR ANALYST
JOB SUMMARY:
The cybersecurity Senior Analyst is responsible for managing and operating key cybersecurity Monitoring systems and tools within OT environment. He will be involved in the daily operation of the SOAR and SIEM solutions, including the development of playbooks, creating correlation rules, managing vulnerability scanning, and conducting threat intelligence analysis. Additionally, the role includes leading incident response efforts, generating reports, and providing key performance indicators (KPIs) to the head of cybersecurity department.
Requirements
JOB SPECIFIC RESPONSIBILITIES:
SOAR management: Manage, operate and optimize the Security Orchestration, Automation, and Response (SOAR) platform to streamline incident response workflows and develop and maintain automated playbooks to streamline incident response processes. And ensure efficient threat mitigation and continuously refine and optimize SOAR workflows to improve response times and accuracy.
SIEM solution Management: Oversee the operation and maintenance of the Security Information and Event Management (SIEM) system, ensuring its effective use for monitoring and threat detection. Develop and implement parsing and correlation rules to ensure accurate event data analysis and timely detection of potential threats.
Vulnerability Management: Conduct regular vulnerability scans using appropriate tools to identify potential security gaps in the OT infrastructure. Manage the entire vulnerability lifecycle, from detection through remediation by working closely with OT teams to address any vulnerabilities in a timely manner
OT cybersecurity Incident Response: develop and maintain incident response playbooks that define processes for responding to various types of cybersecurity incidents within the OT environment. Coordinate incident response efforts and perform root cause analysis and recommend enhancements.
Reporting and KPI Measurement: Generate detailed security reports that provide insights into the OT cybersecurity posture, incidents, and overall security health. Track KPIs related to cybersecurity operations, such as incident response time, vulnerability resolution rate, and overall system security.
KEY RESULT AREAS
SOAR management (FortiSOAR)
SIEM (Wazuh) management
Vulnerability scanning (Nessus Professional, Wazuh, DesktopCentral) management
Security incident management
Minimum Experience Level
Minimum of 8 years of experience in Data security Management
Diverse/multi-cultural business industry (obtained from medium to large organisation)
Multi-national company
Energy and utility sector preferred
Job-related competencies and proficiency levels:
Behavioural
Organisational excellence (level 3) - Skilled
Encourage continuous learning (level 3) - Skilled
Build effective relationships (level 3) - Skilled
Communicate with impact (level 3) - Skilled
Adopt a strategic mindset (level 3) - Skilled
Technical
FORTISOAR management (level 3) - Skilled
SIEM solution Management (level 3) - Skilled
Vulnerability Management (level 3) - Skilled