Cyber Security Analyst

Ta3meed

Job Description:

We are looking for a Cyber Security Analyst to join our talented team in Riyadh, Saudi Arabia.

Key Responsibilities:

• Close any regulatory gaps within the department.
• Close any action Items on QM system.
• Review third parties reports, tickets, and take an action.
• Raise awareness internally and externally about cyber security threats.
• Follow up with IT department regarding cyber security issues and closing them.
• Investigating Security Breaches
• Discover vulnerabilities within our assets wherever they may exist( perimeter, internal networks, cloud).
• Performing Ethical Hacking, and Participate in security audits and penetration testing of our IT infrastructure, web and mobile applications that may be used to store and access critical business information
• Installing and Operating Security Software
• Developing and Implementing Organization-Wide Security Protocols
• Contributes to continues improvements Tameed Cybersecurity Strategy
• Supports initiatives/projects of Tameed for Cybersecurity
• To work as part of the security operations team
• Conduct daily security analysis and examination and assessment of information security risks, threats, and vulnerabilities.
• Produce weekly report for the CEO on cyber security issues [AvG1]
• Monitor user activity, network events, and signals from security tools (SIEM) to identify events, while contributing to the follow-up, response, and reporting on all security incidents and their resolution.
• Assist in the implementation of the Information Security Management in compliance with SAMA CSF.
• Evaluation of our employees readiness to identify and withstand attacks through Social Engineering techniques.
• Identify and understand our weaknesses and vulnerabilities affecting your ICS environment and establish an achievable plan to improve our cyber security posture.
• Examination of our web application's code that aims to identify security flaws and withstand attacks and analyzing the code to find vulnerabilities that would not be found otherwise.
• Extensive review threat of our environment to identify the presence of artifacts that could indicate the ongoing or past presence of an attacker in our network.
• Develop strategies to reduce risk to manage risk in light of the organization's policies of acceptable risk levels.
• Description of the main or remaining cybersecurity risks that affect the operation of the system.
• Executing cybersecurity risk assessments and ensuring identified risks are defined and handled appropriately through the organization s risk governance process.

Technical Skill

• Knowledge of SIEM (Security Information and Event Management).
• Familiar with SQL, C, C++, C#, Java, or PHP programming languages.
• Should have expertise on TCP/IP, computer networking, routing, and switching.
• Penetration and vulnerability testing.
• Knowledge and hands-on experience of implementing and managing Firewall and Intrusion Detection/Prevention Systems.
• Windows, UNIX, and Linux operating systems.
• Network protocols and packet analysis tools.
• Anti-virus and anti-malware.