Our client is an international System Integrators with a strong presence in the global market since the past 11years, looking for an IT Risk Analyst – SOC in Ras Al Khaimah. To expedite share CV - [email protected]. Candidates from any GCC countries can apply

Job Title

IT Risk Analyst Reporting To - Sr. Manager - IT Risk Operations 

Minimum Experience Required - 5 Years in SOC / Cloud SOC Job Description:

• Real-timethreat monitoring and response activities to enable delivery of complete            Security Incident and Event Management services on a wide range of  security services both on-premises and cloud security services
• Applying analytical, reasoning and specialized technical expertise to investigate, identify, correlate and escalate security incidents, network anomalies and proactive/reactive reporting activities.
• Conduct vulnerability assessment using the defined assessment tools & prepare the required reports.
• Investigate incident to determine root cause and follow up with respective teams to ensure incident closure with pieces of evidence.
• Gather security intelligence such as new vulnerabilities and threats.
• Adhere to Information Security policies, standards and processes.
• Prepare daily, weekly and Monthly reports and submit them to the SOC manager
• Conduct periodic assessments in on-premises & cloud infra and suggest necessary changes to enhance the cyber resilience
• Involve in activity security projects.
• Participate in Incident management and cyber drills.
• Hunt for new threats and propose or implement automatic detections.
• Participate in playbook enhancements both by process and in SOAR.
• Propose or implement False-positive fine-tunings for the existing use cases.

Essentials:

• Have solid understanding on reviewing SIEM logs or Security Events from devices such as Firewall, IDS / IPS, Proxy, Antivirus, DLP, EDR, Email Security, Syslog etc.
• Have strong knowledge and experience in Security Incidents and troubleshooting on Security Incidents.
• Strong understanding of IT operations: help desk, end-point management, and server management
• Strong   understanding of adversary motivations: cybercrime, cyber hacktivism,   cyber war, cyber espionage
• Strong   understanding of vulnerability management, threat analysis, security auditing,    security monitoring, penetration testing, incident response and other information security practices is preferred
• Knowledge of generic information security standards/programs and frameworks as well as best practices

Desired Qualifications:

• Bachelorʼs degree in Computer Security but not mandate.
• Bachelorʼs degree in Information Technology but not mandate.
• Certifications like CySA+, Security+, CEH, ECSA is an added advantage.
• SOC or IT Security experience in Banking sector is preferred but not mandate.

EXPERTISE AND QUALIFICATIONS

Essentials:

• Have solid understanding on reviewing SIEM logs or Security Events from devices such as Firewall, IDS / IPS, Proxy, Antivirus, DLP, EDR, Email Security, Syslog etc.
• Have strong knowledge and experience in Security Incidents and troubleshooting on Security Incidents.
• Strong   understanding of IT operations: help desk, end-point management, and server management
• Strong   understanding of adversary motivations: cybercrime, cyber hacktivism,   cyber war, cyber espionage
• Strong   understanding of vulnerability management, threat analysis, security auditing,    security monitoring, penetration testing, incident response and other information security practices is preferred
• Knowledge of generic information security standards/programs and frameworks as well as best practices

Desired Qualifications:

• Bachelorʼs degree in Computer Security but not mandate.
• Bachelorʼs degree in Information Technology but not mandate.
• Certifications like CySA+, Security+, CEH, ECSA is an added advantage.
• SOC or IT Security experience in Banking sector is preferred but not mandatory