Job Description and Requirements
Responsibilities:
Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
Assist in the response to security events and escalations and oversee incident response procedure as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
Act as administrator and threat hunter for endpoint security technologies, e.g. antivirus, machine learning, deception, email security protection, etc.
Maintain current knowledge of information security trends, threats and responses.
Adhere to and improve upon policies and procedures on incident management, malware analysis, forensic analysis and the use of information security tools and information.
Provide SME guidance on incident analysis, root cause analysis and problem resolution and collate security incidents and event data to produce monthly exception and management reports.
Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate.
Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
Work with users and technical staff, including network engineers, system administrators and software developers, to resolve security issues in a timely manner.
Research, recommend, evaluate, implement information security solutions that identify and/or protect against potential threats, & respond to security violations.
Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc.
Implement and manage tools and technologies for indicators of compromise and other threat intelligence.
Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc.
Restrict and stop incidents. Research and stop IOCs on endpoints and network.
Reconstruct events of a compromise by creating a timeline via correlation of forensic data.
Analyze malware and other attacks to extract indicators of compromise.
Communicate status of response, resolution and final root cause analysis to the appropriate stakeholders.
Ensure that, where appropriate, all forensic investigations are recorded and tracked to meet audit and legal requirements.
Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.
Required Technical and Professional Expertise
2-3 years of experience in Information Security with at least 3 years experience in security event analysis and incident response.
At least 3 years experience in network and endpoint infrastructure security technologies, specializing in log monitoring product-based consulting, architecture and implementation.
Preferred Tech and Prof Experience
Knowledge and experience in Enterprise Log Management (ELM) and SIEM tools and processes.
Subject matter expertise in at least one or more of the following: IBM QRadar, ArcSight, LogLogic, RSA EnVision, LogRhythm, Splunk and other similar products.
Subject matter expert in endpoint and deception technologies and email security.
Should have the ability to develop processes and procedures around SOC/SIEM.
Familiarity with the following technologies: SIEM, Active Directory, Microsoft Windows, Linux, firewalls, network protocols, IDS/IPS, advanced malware protection.
Experience in the identification, assessment, mitigation and management of information security risks and issues.
Proven experience facilitating workshops, generating reports, preparing presentations and project management.
*** Apply on the following link ***
https://www.akhtaboot.com/en/saudi-arabia/jobs/riyadh/110556-Security-Analyst-at-IBM-