Sr Cyber Security Analyst

Permanent
Abu Dhabi, United Arab Emirates
31.10.2024

  • Oversee the monitoring activities of the cyber security analysts.
  • Validate incidents that cyber security analysts have categorized as false positives.
  • Triage identified incidents and ensure they are classified according to their criticality.
  • Liaise with the incident response team to coordinate incident response activities.
  • Escalate incidents within the defined SLA to the Senior Manager – Cyber security center.
  • Review collected evidence and conduct further investigation to identify the damage and impact caused by information security events and incidents.
  • Perform intrusion scope and root cause analysis.
  • Participate in the development of an incident containment plan to limit incident damage.
  • Participate in system backups and forensic image capture so that the state of affected systems is preserved as it was during the incident, for forensic investigation at a later stage.
  • Redirect events to the appropriate parties (according to playbooks and standard operating procedures), providing the necessary context and details.
  • Follow up on reported events and incidents until closure, and update the ticket based on its status.
  • Participate in incident eradication and recovery activities to ensure compromised systems are no longer affected.
  • Identify an existing eradication plan in the current documentation, or develop a new one.
  • Participate in incident recovery activities to ensure affected systems are fully operational.
  • Manage the proper handover of security incidents and coordinate response efforts between the stakeholders involved in incident response activities.
  • Provide timely feedback to the SIEM content developers regarding false positive rate, false negative rate, etc.
  • Keep up to date with the latest trends and threats in the cyber world.
  • Collect IOCs and other threat intelligence data, and build detection logic in the security tools to detect the presence of those IOCs in the organization.
  • Collect vulnerability details from the responsible team and ensure there is adequate monitoring for exploitation of those vulnerabilities.
  • Develop and maintain standard operating procedures (SOPs) and incident response playbooks based on identified incidents, and develop incident eradication plans.
  • Participate in the development of incident reports and the updating of lessons learnt.
  • Identify and develop workflow automation to reduce response time and increase the efficiency of incident response procedures.
  • Assist in data recovery procedures.
  • Participate in testing, deploying, and administering the infrastructure required to provide appropriate incident response.
  • Participate in threat hunting activities.