Cyber Security CSOC Analyst

For a well-known client in the United Arab Emirates, we are seeking Five Cyber Security CSOC Specialists for a six month contract role.

Role description

This position is responsible for monitoring and responding to alerts that are triggered on security devices protecting the Barakah Nuclear Power Plant computing network.  The analyst will work within the Barakah Nuclear Power Plant facilities, providing a 1st line analytical assessment whilst triaging alerts to determine whether they are malicious in nature or benign.  The holder of this position will pass malicious alerts to the 2nd line team for further technical investigative work. This role involves working on a biweekly rotating work shift of 7 days onsite, 12 hours a day, and 7 days off, switching on each iteration of work shift from Daily Work into Night work. This means covering every calendar month: 1 week on daily shift – 1 week off, 1 week on night shift – 1 week off.

Responsibilities

Cyber Security Operations Center monitoring and analysis Responsibility:
– Monitor Cyber Security events from various sources, including, but not limited to, SIEM, IDS/IPS, network monitoring tools and log files analysis, check for potential issues

Investigate Alerts Responsibility:
– Perform an initial investigation and correlation of events triggered in the SIEM and other tools within the CSOC and identify possible security threats to the environment
– Identify non-malicious false alerts and work with other stakeholders to exclude them from being triggered in the future

Security Triage Responsibility:
– Extract artefacts of interest from log data and examine them, recording all relevant information in a Security Incident ticket.
– Escalate, as needed, into potential Incidents, checking for Layer-2 analysts for confirmation

Coordination and Information Exchange with Physical Security team Responsibility:
– Periodically communicate with Physical Security team, either when a Cyber Security Event or Incident may involve potential insider threats, or evolving cyber security issues could be perceived as the prelude to a potential physical attack.

Proactive check of the Monitored assets and Monitoring Process Responsibility:
– Periodically check to ensure that the Critical Digital Assets (CDAs) and the plant operations network are properly monitored
– Ensure that the security monitoring systems are properly functioning, and that the data shown by them is accurate

HSE, Security and Continuity of Operation  Responsibility:
– Ensure compliance to all relevant health, safety and environmental management policies, procedures and controls across the Division/Department/Section by delivery of the HSE Management Program to guarantee employee safety, legislative compliance, delivery of high quality service and a responsible environmental attitude.
– Follow all relevant Security policies, processes, procedures and instructions to ensure security compliance in all aspects of work, by applying them to one’s self, others and organization assets.
– Ensure compliance with corporate requirements for adherence to policies, procedures and instructions related to Crisis Management and Business Continuity in order to continue mission-critical activities.

Essential skills

Bachelor’s degree with 0-2 years’ experience, Diploma, Military or Police Academy graduate with 4 years’ experience, or High School with 9 years’ experience

Desired skills

Specific Preferable Experience: – McAfee SIEM, ESM, NIDS and EPO.
Network+, Security+, SSCP, CEH, SANS 41