IT Security Operations Analyst

ASMO is a groundbreaking joint venture between DHL and Saudi Aramco. Inheriting DHL’s logistics excellence and Saudi Aramco’s extensive supply chain ecosystem, we are here to set a new benchmark and redefine the procurement and supply chain landscape, enabling growth.

ASMO aims to be operational in 2025 and provide reliable end-to-end integrated procurement and supply chain services for companies across the industrial, energy, chemical, and petrochemical sectors. Our focus customers in the short term will be Saudi Aramco and its Affiliates. In the long term, all the industrial sectors within Saudi Arabia aim to reach the MENA region.

Objective:

The role-holder will have knowledge of the rules, procedures and in some cases, the principles and practices within the IT Security Operations discipline. They will be tasked with selectively extracting, verifying, and compiling objective and measurable data. In some instances, they may determine the course of action based on established principles and modify existing processes and methods.

General Responsibilities:

• Implement and manage security controls for ASMO’s IT infrastructure including cloud workloads and endpoint devices.
• Monitor security systems and tools to detect and respond to security incidents and vulnerabilities.
• Ensure that any unauthorized access, misuse, modification or denial of a network resource or network itself is detected and prevented
• Configure and maintain the virtual private network, firewalls, web content filtering and email security
• Configure network intrusion detection and prevention. Setup and monitor sandboxing solutions
• Implement zoning and configure the network for proactive monitoring
• Work with different technical teams to and implement a stable, secure and optimized endpoint environment for employees
• Ensure mobile devices used to access corporate data and applications are protected by Mobile Device Management (MDM) solutions. Report endpoint compliance to security leadership
• Conduct vulnerability assessments and penetration testing to identify and remediate security risks.
• Collaborate with cross-functional teams to ensure compliance with security policies, standards, and regulations.
• Work with SOC team to investigate and respond to security incidents, including conducting root cause analysis and implementing corrective actions.
• Develop and maintain documentation related to security configurations, procedures, and incident response plans.
• Stay updated on emerging threats and vulnerabilities and recommend security enhancements
• Design, implement, and maintain identity and access management systems and processes.
• Manage user provisioning, deprovisioning, and access request workflows.
• Enforce access controls, authentication mechanisms, and role-based access policies.
• Operate identity related systems including Privileged Access Management, Multi-factor Authentication, NAC authorization and Identity Management.
• Developing the architecture, design and standards of Identity Governance infrastructures including Active Directory, SAML, ADFS, Azure, Enterprise Authentication, Single Sign-on and Provisioning systems.
• Develop and implement data protection measures, including encryption, data loss prevention,and data classification.
• Enforce usage of data classification and labeling tools
• Generate reports that indicate the level of compliance and effective protection of data
• Conduct periodic access reviews and audits to ensure compliance with data protection regulations.
• Collaborate with business units to define access requirements and implement appropriate access controls.
• Provide user training and support on IDAM systems and data protection best practices.
• Recommend training and development interventions for team members to build their capabilities.
• Contribute to the identification of opportunities for the continuous improvement of systems, processes and practices to increase productivity and operational efficiency.
• Implement all relevant IT Security Operations department’s policies, processes, procedures and instructions so that work is carried out in a controlled and consistent manner.
• Contribute to the preparation of timely and accurate reports to meet departmental requirements, policies and standards.

Qualifications:

• Bachelor’s degree in computer science, information technology, or equivalent from a recognized and accredited university is required.
• Master’s degree in computer science, information technology or equivalent from a recognized and accredited university is preferred.
• Certifications in information security (e.g., CISSP, CISM, CIAM, CISA, CompTIA Security+) preferred.
• Demonstrated proficiency in oral and written English.
• 5 years’ experience in the same Field.
• Experience in Infrastructure, Network, Endpoint, Cloud and Container Security.

Core Competency:

• Endpoint and Network Security.
• Incident Response.
• Cloud and Container Security.