Senior Security Analyst

Job Title

Senior Security Analyst

The primary function of this role is to monitor the ENOC environment on a 24
* 7 basis and conduct advanced analysis’s for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to perform advanced response assessment of the cyber security incident and escalates to Cyber Intelligence Center Manager as per approved policies, processes and procedures.

• Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
• Manage the communication of policies & guidelines and monitor the compliance CIC operations to the cyber-security policies & guidelines.
• Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour
• Handle escalated incident from security analyst to conduct deep investigations.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
• Conduct malware analysis using run-time analysis, comparative analysis, and reverse engineering tools
• Conduct digital forensics and deep investigations and evidence handling in line with best practices
• Preform threat hunting, discovery and exploration to identify threats that pass traditional detection tools.
• Perform proactive research to identify and characterize new emerging threats, vulnerabilities, and risks.
• Review and align priority, severity and classification of security incidents
• Develop metrics, reporting and documentation on frequency, impact, and types of incidents.
• Collaborate on the investigation of incidents, containment, remediation and root cause analysis
• Collaborate and conduct research to design and implement new security technology, update existing strategies, improve process and create additional documentation.
• Develop techniques and processes to identify anomalous behavioural patterns.
• Collect contextual information and pursue technical root cause analysis & attack method analysis.
• Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
• Advocate security best practices, strategy, architecture, and assist in security design consultations.
• Apply strategic and tactical responses in challenging environments with heterogeneous systems.
• Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
• Participate in Development and implementation of new correlation rules and use-cases in SIEM and enhance the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with appropriate scripting knowledge skills.
• Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions.
• Participate in closing identified security audit points.
• Periodically report on IT security status, security systems efficiency, and recommended improvements to management.
• Should be on-call 24 hours per day to respond to cyber security emergences.

• Degree:
  Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications:
  Professional certificate such as CISSP, GCTI , GCFA, GNFA

• 7+ years of Information security or technology experience.
• 4+ years in relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling.
• Exposer to OT security operation center experience will be a pulse.