Sunday, May 29, 2016

Opening for Senior Security Analyst - Information Technology with Executive Solutions

Key purpose

The Senior Security Analyst is responsible for executing the tasks and activities that support the Company Global Security Operations Centre (GSOC) and the Middle East (ME) information security plan. This role will have two focus areas:

70% of role: As part of the GSOC Manager's federated global team, facilitate the ME Computer Security Incident Response function and support the global Computer Security Incident Response team.
30% of role: Perform other information security, risk, audit and compliance related tasks, as required, to support Company’s security plan.

Structure and reporting relationship

Reports to Head of Information Technology (ME) and is part of the GSOC Manager's federated organisation.

Global Context:

Company is establishing a new Global Security Operations Centre (GSOC) and CSIRT (Computer Security Incident Response Team) function. The GSOC will be based in the UK with regional contacts who will support the function. The ME Security Analyst will be responsible for both helping to initially build and define the support processes across resolver groups and then be responsible for executing day-to-day operational processes. Frequent interaction with the UK team is expected.

Middle East Context:

Information Technology is a shared service supporting a multi-sector, multi-country organisation. Support the Head of Information Technology in delivering the information security plan and implementing it operationally across the delivery pillars: (i) Governance; (ii) Risk Management; (iii) Audit & Compliance; (iv) Technical Security; (v) Global Cyber Program.

Key accountabilities  

  • Assume responsibility and represent Middle East on all GSOC-related protocols to enable the timely and effective response to, and management of, incidents, events, notifications, calls and other activities related to the GSOC and its role as a central monitoring function.
  • Take direction and guidance from the GSOC Manager to develop, build and support the Standard Operating Procedures to allow the GSOC to operate effectively on a global scale.
  • Participate in regular practised drills for security incident response.
  • Identify and communicate daily all critical items requiring the attention of senior management and co-ordinate with operations/resolver teams to provide necessary documentation in support of actions.
  • Assist the Head of Information Technology to manage Emergency Response.
  • Serve as the contact point for the collation, analysis, monitoring (where relevant) and interpretation of risks and threats that may affect the business; ensure timely notification to stakeholders; provision of threat intelligence reporting and key performance indicators.
  • Liaise with the GSOC to provide timely communications and actionable intelligence to support the protection of assets/intellectual property and infrastructure.
  • Act as the interface between the Global GSOC/CSIRT and the local Management team, raising issues that require senior management action.
  • Work with local third parties and outsource providers that provide managed security services to Company; take appropriate action to respond to weekly/monthly reporting and alerted incidents (e.g. Anti-Virus monitoring; Intrusion Prevention Monitoring; Web & Email Filtering; Remote Access).
  • Manage all documentation related to incidents and reporting to the global repository for all incident tracking.
  • Work with local and global teams to transition in-scope devices to be alerting and reporting to the GSOC.   

RISK, AUDIT & COMPLIANCE:

  • Perform various IT security, assurance and due diligence activities across the information security lifecycle; for example, develop policy documents; perform security design reviews and provide recommendations; perform third party control self-assessment reviews.
  • Lead ISO 27001 and SMS IS audits and processes.
  • Visit ME contracts and perform audits on IT systems and services in line with Company management system.
  • Liaise with the Global Company Security Team to facilitate activities related to security policy updates; security awareness training rollout and other global cyber security program requirements.
  • Facilitate technology audit and control remediation activities to ensure items are closed in a timely manner.
  • Resolve technical security queries across Company’s varied contract base; research, investigate and provide control recommendations to address risk.
  • Co-team with the broader solutions team to ensure IT security components and specifications are included in designs and concerns addressed.
  • Provide monthly and ad-hoc status/metrics updates to enable appropriate input to management forums and papers prepared by the ME Contract Managers.
  • Facilitate third parties to conduct other independent reviews (e.g. Penetration Testing).  

Essential technical and professional skills, knowledge and qualifications

  • The ideal candidate must be self-motivated, have broad experience in the information security field and be comfortable working in the dynamic atmosphere of a technical organisation.
  • The ideal candidate would have experience across threat management, security incident event management, and incident response and handling.
  • The candidate must also display experience and aptitude for the other areas of information security encompassing risk management, audit and compliance.
  • 5-8 years of relevant experience in roles encompassing technical security role(s) and a broader exposure to technology audit, risk and compliance.
  • Ability to work in team-oriented environments. Good communication skills.
  • Good working knowledge of technology areas such as: IP networking, Windows, IDS/IPS, Active Directory, Application vulnerabilities, Cisco routers/switches, Proxies, Forensics, NESSUS, NMAP, PGP (WDE & Email).
  • Understand the underlying protocols and data used as the basis for security monitoring services, including HTTP, HTTPS, SQL, TCP/IP and Active Directory.
  • Experience in performing security and risk assessments and knowledge of ISO 27001/2 (Information Security Management Systems) are a definite plus.
  • A security qualification such as CISSP, CISA or equivalent certification is a definite plus.
  • Candidate must have strong reporting skills.  

Additional/special features of the role

Interaction with the global team will be required (including after hours).
Work related to the GSOC will take priority.

Click on THIS link to apply.
