Analyst Information Security

Contribute to the planning and organizing of the work with team members to support timely achievement of unit objectives in line with quality standards.

Ensure that all the assigned work to them is conducted in an efficient manner, which is consistent with the organization’s procedures and policy.

Provide constructive feedback to the team members to support their overall development.

Promote the organization’s values and ethics in all activities within the team to support the establishment of a value-driven culture within the organization.

Provide input and implement policies, systems, and procedures for the assigned team so that all relevant procedural requirements are fulfilled.

Contribute to the development, implementation, and enforcement of policies and procedures, while monitoring compliance with established standards and regulations to enhance overall information security posture.

Monitor security events and alerts using security information and event management (SIEM) tools.

Analyze security logs and data to identify potential security incidents or anomalies.

Investigate security alerts and assess their severity and impact on the organization.

Conduct vulnerability scans and assessments to identify security weaknesses in systems and networks.

Prioritize and remediate vulnerabilities based on risk and potential impact.

Track and report on the status of vulnerability remediation efforts.

Assist in responding to security incidents, including containment, investigation, and resolution.

Document incident response activities and findings for further analysis and improvement.

Work closely with other IT teams and stakeholders to coordinate incident response efforts.

Assist in conducting security risk assessments to identify and prioritize security risks.

Participate in risk mitigation activities and recommend security controls and countermeasures.

Maintain risk assessment documentation and track risk mitigation efforts.

Support security awareness programs to educate employees about security threats and best practices.

Provide training and guidance to staff on security-related policies and procedures.

Assist in the development of security training materials and resources.

Assist in the management and maintenance of security tools and technologies, such as firewalls, IDS/IPS, and antivirus systems.

Evaluate and recommend new security tools and technologies to enhance security posture.

Maintain documentation of security processes, procedures, and configurations.

Prepare and deliver security reports and metrics to management and stakeholders.

Assist in regulatory compliance efforts by providing documentation and evidence as needed.

Contribute to the effective implementation of corporate policies, procedures, and processes to promote a culture focusing on the achievement of world-class standards in risk management, QHSE and business continuity in line with regulatory requirements.

Bachelor's degree in Computer Science, Information Technology, or related field.

Familiarity with regulatory standards or security frameworks (ISO 27001, NIST, etc.) is a plus.