IT Security Analyst

JOB PURPOSE/ OBJECTIVE

Ensure protection of company's assets by identify, analyse and mitigate security threats and vulnerabilities. Plays a crucial role in developing and enforcing security policies and procedures to promote a culture of security. Responsible to implement the cyber security controls mandated by National Cyber Security Agency (NCSA) as part of the on-going audits. handling resources in Information security to manage the peak loads during cyber-attacks and handle incident responses and other aspects of cyber security. Manage the peak loads during cyber-attacks and handle incident responses and other aspects of cyber security. responsible for implementing the technical controls that will be provided to company in the Roadmap by NCSA.

REQUIREMENTS

• Bachelor's/Master's degree in IT/Computer Science or any related discipline.
• Experience in Petrochemicals/oil & gas is prefered.
• Good understanding of the OT Security and IS 62443
• CCNA, OSCP, CompTia Security Plus, Sans Incident Handling Certifications/ GCIH, Blue Team security trainings preferred.

KEY ACCOUNTABILITIES

Routine Duties

• Plan for disaster recovery and create contingency plans in the event of security breaches.
• Keep up to date with latest technology and research emerging cyber security threats and ways to manage them.
• Liaise with the NCSA and other stakeholders in relation to cyber security issues roadmap and provide solutions and implement and lead the initiatives.
• Lead all technical audits conducted by the internal and external auditors.

IT Operations and Technical Support

• Handle security alerts and incidents that are reported.
• Investigate and follow the Incident Response procedure for handling all types of incidents.
• Monitor for attacks, intrusions and unusual, unauthorized, or illegal activity.

Developing organization wide security protocols

• Test and evaluate security products, design new systems, and manage their upgrade, use tools to identify potential weakness and threat patterns and vulnerabilities in our systems.
• Identify security products and implement measures like security devices and controls like encryption.
• Monitor the Identity and access management, including monitoring for abuse of permissions.

Vulnerability Management

• Work with the teams to perform tests and uncover security vulnerabilities in the systems and network.
• Fix detected vulnerabilities to maintain a high security posture.
• Perform vulnerability analysis and penetration testing.

Liaise with ICS Security

• Co-ordinate with the various ICS Security teams at the plants to identify any risks related to IT/OT Convergence, participate in architecting new solutions and identifying risks for new deployments in the ICS and plant systems.
• Provide guidance by following the international standards like ISA 62443.
• Design security controls to protect the IT and OT systems and networks in scope.