Security Expert ( 3 years Contract) (CISA/ CISSP/ ISO)

Job Description

Security Expert ( 3 years Contract)


Listed below are the responsibilities of this role:
 Primary security expert with relevant experience in security operations.
 Support in developing security operations process and procedures
 Assist IT team to respond and contain attacks targeted to assets 
 Support Chief Information Security and Governance Officer (CISGO) in preparation of management reporting as well as statistical reports and definition and measurement of security related KPIs and KRIs 
 Provide on call support during off business hours in analyzing and assisting threat.
 Support security operations and incident handling as an integrated member of CERT.
 Security incident reporting, handling, communication & mitigation support. 
 Technical security monitoring i.e. OS patches, Virus, IPS signatures etc.
 User & Privileged Account Access Review
 Monitor compliance against Policies, Standards, Procedures, Security Configurations, Technical Security Baselines etc. and report non-compliance.
 Assist in incident analysis and provide mitigation steps.
 Help building the framework and processes for the SOC operations.
 Help preparing any information security reports or dashboards and do presentations to relevant stakeholders
 Monitoring & Reporting of KPIS and KRIs
 Assist in evaluating security solutions
 Support security team in setting up security infrastructure.
 Provide recommendations on security best practices to be implemented 
 Ability to define the security operations framework and processes
Expected deliverables from this role are:
 Identify unauthorized / malicious security events on enterprise systems and notify CISGO and CERT
 Follow established information security incident management procedures
 Recommend containment actions and remediation
 Daily, Weekly, Quarterly, Bi-Annual, Annual security incident reporting based on requirement
 Periodically review technical security on all systems and network infrastructure based on requirement
 Annual privileged user access of the whole IT landscape and Business Applications 
 Perform compliance reviews against Policies, Standards, Procedures, Security Configurations, Technical Security Baselines etc. and report non-compliances etc. and report non-compliance.
 Preparation of the management dashboards, reports based on KPIs and KRIs etc.
 Participation in annual VAPT assessment and remediation.


Resource General Qualification Requirements
 Should have minimum experience of 7+ years in IT and Information security
 Should have at least 3 years of experience in security operations role
 Should have good hands on experience in security monitoring and incident management tools
 Knowledge of: malware, vulnerabilities, exploits, network forensics, packet analysis 
 Understanding of IDS, IPS, Firewalls, Web filtering technologies
 Experience with enterprise information security management
 Experience with trouble ticketing and change management tools. 
 Understanding of ISO 27001 and its requirements (ISMS)
 Strong analytical, documentation and communication skills
 Certifications – CISSP, CISA, ISO27001 preferred
 Knowledge of NIA, SANS Top 20 Security Controls, CIS Benchmark
 Self-going person with decision making capabilities
 Good knowledge of most common Network and Security devices used at (see Infrastructure Background” section)
 Willingness to work outside of standard business hours in case of emergency
 Adhere to policies and procedures including code of conduct and ethics
 Comply to confidentiality agreement as per SLA contract
Budget : QAR 15,000-17,000+ Annual Benefits ( can be more depending on current package and experience)


Date Posted: 2016/06/01

Antal International