Cyber Security Analyst

The primary function of this role is to monitor the ENOC environment on a 24/7 basis and conduct initial analyses for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to performing first response assessment of the cyber Security incident and escalate to Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.

• Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
• Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solution
• Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
• Gain an understanding of security risks and controls
• Undertake first stages of false positive and false negative analysis
• Perform analysis of log files to collect more contextual information in order to triage security events
• Review and align priority, severity and classification of security incidents
• Collect contextual information and pursue technical root cause analysis & attack method analysis
• Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls led to the incident to be materialized
• Analyse reported cyber security events and incidents and recommend remediation and improvement actions
• Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
• Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
• Participate in post incident reviews and recommend improvements plans
• Investigate, document, and report on information security issues and emerging trends.
• Should be on-call 24 hours per day to respond to security emergences or other related problems
• Should work on shifts schedule which includes weekends

• Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA

• 3+years of relevant experience in cyber security & forensics.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling
• Exposer to OT security operation center experience will be a plus.