Sr Cyber Security Analyst
Permanent
Abu Dhabi, United Arab Emirates
31.10.2024
- Oversee the monitoring activities of Cyber security analysts.
- Validate the incidents categorized as false positives by Cyber security analysts.
- Triage the identified incidents and ensure that incidents are classified according to their criticality.
- Liaise with the Incident response team to coordinate Incident response activities.
- Escalate incidents within the defined SLA to the Senior Manager – Cyber security center.
- Review collected evidence and conduct further investigation to identify the damage and impact caused by information security events and incidents
- Perform intrusion scope and root cause analysis
- Participate in the development of an incident containment plan to limit incident damage
- Participate in systems backup and forensic image capture so that the state of affected systems is preserved exactly as it was during the incident, enabling forensic investigation at a later stage
- Redirect events to the appropriate parties (according to playbooks and standard operating procedures) while providing the necessary context and details
- Follow up on reported events / incidents until closure and update the ticket based on its status
- Participate in incident eradication and recovery activities to ensure compromised systems are no longer affected
- Identify an existing eradication plan from existing documentation, or develop a new eradication plan
- Participate in incident recovery activities to ensure affected systems are fully operational
- Manage the proper handover of security incidents and coordinate response efforts between the stakeholders involved in incident response activities
- Provide timely feedback to the SIEM content developers regarding false positive rate, false negative rate etc.
- Keep updated on the latest trends and threats in the Cyber world.
- Collect IOCs and other threat intel data and build logic within security tools to detect the presence of the IOCs in the organization.
- Collect Vulnerability details from the respective team and ensure that there is adequate monitoring on the exploitation of these vulnerabilities.
- Develop and maintain standard operating procedures (SOPs) and incident response playbooks based on identified incidents, and develop incident eradication plans
- Participate in the development of incident reports and the updating of lessons learnt
- Identify and develop workflow automation to reduce response time and increase the efficiency of incident response procedures
- Assist in data recovery procedures
- Participate in testing, deploying, and administering the infrastructure required to provide appropriate incident response
- Participate in threat hunting activities