Role description

For a well-known client operating in the energy sector in the United Arab Emirates, we are currently looking for a Cybersecurity Analyst – Operations. This is a long-term job opportunity.

The Cybersecurity Specialist is responsible for contributing towards the Cyber protection of the organisation through implementing, maintaining and managing security solutions. The Cybersecurity Specialist will deliver network, infrastructure and data security solutions in line with the Cybersecurity framework and policy. In addition, this role is responsible for enhancements to cater for risk changes due to the evolving threat landscape. The role will also support the maintenance of SOC capability and incident response as instructed by the Cybersecurity Head.

Job Specific Responsibilities:

  • Plan, implement, manage, monitor, and maintain security measures for the protection of the data, systems, and networks per Cybersecurity policy and framework in alignment with relevant regulations and standards
  • Plan security systems by evaluating network and security technologies; develop requirements for applications, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, public key infrastructures (PKIs) and related security and network devices
  • Oversee security infrastructure deployment, maintenance, and advanced configuration (Next Generation Firewalls, web gateways, mail gateways, IPS/IDS, SSL inspection, full packet inspection, network authentication and authorization technologies and management tools)
  • Manage web proxy, email filtering, anti-malware and mobile devices security solutions to protect sensitive information
  • Support data protection solutions (including but not limited to data classification, DLP and data/email encryption solutions)
  • Coordinate with the Enterprise Technology Project team to identify and integrate Cybersecurity requirements and acceptance tests in enterprise technology projects
  • Assist in conducting periodic external and internal penetration tests/red team exercises and take corrective/mitigation actions when necessary
  • Contribute towards development of incident and threat response procedures along with execution of assigned activities to ensure a quick, effective, and orderly response to a security incident or threat
  • Support incident investigation using host forensics, network forensics and/or reverse engineering techniques to analyse mail headers, extract macros from OLE, dissect packet captures and conduct other related analysis
  • Support SOC maintenance and improvement in terms of technology and troubleshooting basic issues in the SOAR and SIEM solutions
  • Assist in periodic Cybersecurity reviews and audits and ensure compliance of departments to the Cybersecurity standards, regulatory requirements, policies, etc.
  • Continually assess, report on, and make recommendations regarding proposed architectures, strategies, and systems to enhance security of assets
  • Leverage knowledge of existing network, infrastructure and data Security technologies and capabilities to partner with Enterprise Technology and Cybersecurity functions and the various departments to achieve the organizational objectives
  • Stay up-to-date on emerging technologies/solutions, along with software and version updates and their implications for Cybersecurity and enterprise technology systems

Standard Responsibilities:

  • Implement all relevant section policies, processes, and procedures so that work is carried out in a controlled and consistent manner
  • Execute the continuous improvement of systems, processes and practices, taking into account ‘international leading practice’ and changes in the business environment, and leveraging insights. This includes supporting the related change management efforts
  • Contribute to the preparation of timely and accurate reports to meet the section requirements, policies and standards

Knowledge, Experience and Skills

Essential Requirements:

  • Bachelor’s degree in Cybersecurity, Computer Engineering, Computer Science, Enterprise/Information Technology, Information Systems or related field
  • Must have at least two of the following certifications:
    • Security+
    • CCNA/CCNP
    • Certified Ethical Hacker (CEH)
    • ITIL (Foundation)
  • Minimum of 8 years of practical experience in implementing Cyber and Information Security standards or developing Cyber and Information Security processes
  • Experience in implementing standards and adhering to local regulations (NCEMA, Abu Dhabi Digital Authority (ADDA), Cybersecurity Council)
  • Experience in implementing one of the following: NIST framework or ISO27001 Cybersecurity framework
  • Knowledge of fundamental networking concepts, architecture and protocols including TCP/IP, HTTP/HTTPS, SSL, IDS/IPS, DNS, DHCP, routing/switching, load balancing, SOCKS, 802.1x, AD, authentication protocols such as LDAP, NTLM or Kerberos, etc.
  • Experience with operating systems (like Windows, Linux, and UNIX), VPN, proxy services, and DDoS mitigation technologies
  • Experience in the implementation/operational management of SIEM, SOAR and incident response
  • Experience in Data Classification (AIP, Titus, etc.) and DLP (Symantec, McAfee, ForcePoint)
  • Experience in working on the following technologies: DarkTrace, Rapid7, Thycotic, Aruba ClearPass, SSL-VPN, Infoblox, Bluecoat, ForceProxy, Juniper, FortiNet
  • Experience in implementing ISMS controls
  • Experience in Cybersecurity Operations (SOC) environment

Desirable Requirements:

  • One of the following certifications (trained and certified): Information Assurance / CSSP or equivalent from an accredited and recognised organisation (CISA, CISM, CREST, IRAP, ACSC, NCSC, CISSP, CRISC, GIAC, OSCP, and OSCE), data privacy and cloud security related certifications
  • Experience in a diverse/multicultural business industry (obtained from medium to large organisation)
  • Experience in the Energy and Utility sector
  • Awareness of the data privacy requirements (GDRFA)
  • Experience in implementing the UAE Information Assurance Standards (from NESA/TRA)
  • Experience in a multinational company

Principal Recruitment Consultant with extensive recruitment experience working in Europe, US and MENA regions

Gintare Juozapaviciute