Security Analyst

ENOC LUBRICANTS AND GREASE MANUFACTURING PLANT LLC

Job Purpose
The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct initial analysis s for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming first response assessment of the cyber Security incident and escalate to Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.
Principal Accountabilities
Operational
Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solution
Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
Gain an understanding of security risks and controls
Undertake first stages of false positive and false negative analysis
Perform analysis of log files to collect more contextual information in order to triage security events
Review and align priority, severity and classification of security incidents
Collect contextual information and pursue technical root cause analysis & attack method analysis
Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls led to the incident to be materialized
Analyse reported cyber security events and incidents and recommend remediation and improvement actions
Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
Participate in post incident reviews and recommend improvements plans
Investigate, document, and report on information security issues and emerging trends.
Should be on-call 24 hours per day to respond to security emergences or other related problems
Should work on shifts schedule which includes weekends
Additional Principal Accountabilities
Experience
Education
Degree: Bachelor s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA
Experience
5+ years of Information security or technology experience.
3+ years in relevant experience.
Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government ) is preferable.
Working experience in cyber security threats monitoring and handling
Exposer to OT security operation center experience will be a pulse.