Cyber Security Specialist

   Purpose of this Job

To support on keeping the availability, security, and reliability of SADAFCO's information systems, core system and business applications. Provides general cybersecurity support. Assists in cybersecurity tasks. Uses data collected from cyber defense tools to analyze events that occur within their organization to detect and mitigate cyber threats.

Key Accountabilities

Operate Technical Defense and Protection:

• Provide timely detection, identification and alerting of possible attacks, anomalous activities and misuse activities and distinguish them from benign activities.
• Support in implementing secure solutions across SADAFCO environments to sustain a resilient enterprise – covering network services, physical connections, topologies and architecture, and cloud connectivity.
• Use monitoring, detection, incident response, and automation to proactively support ongoing security operations in SADAFCO environment.
• Apply security practices to cloud, on-premises, endpoint, and mobile infrastructure, while considering cryptographic technologies and techniques
• Administer the hardware and software that protects and defends IT systems and networks against cybersecurity threats.
• Analyze security of operations and systems integrated into the network; Analyze vulnerability and configuration data to identify cybersecurity issues.
• Apply cybersecurity and privacy principles to SADAFCO requirements.
• Evaluate, analyze, and identify weaknesses and improvements systems and networks.
• Use the data collected from cyber defense tools to analyze events that occur within to detect and mitigate cyber threats.
• Ensures that security records are accurate and complete and that requests for support are dealt with according to agreed procedures.
• Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.
• Verify minimum security requirements are in place.
• Periodically analyze security of our operations and integrated systems.

Threat Management

• Collect and analyze multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors’ Tactics, Techniques and Procedures (TTPs)
• Derive and report indicators to help SADAFCO to detect and predict cyber incidents and protect systems and networks from cyber threats.
• Analyze external threat landscape and map it to potential impact.
• Source all data used in intelligence, assessment and planning activities.
• Proactively search for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation.

Governance, Risk and Compliance:

• Manage individual and entity identities and access to resources by applying identification, authentication and authorization systems and processes.
• Monitor SADAFCO’s cybersecurity program compliance with requirements, policies, and standards.
• Analyze cybersecurity controls and assess their effectiveness from a technical Point of view.
• Prepare audit reports and communicate them to authorized parties.

Engagements with stakeholders:

• Communicate cybersecurity concepts and practices in an effective manner.
• Effectively communicate insights about the threat environment and improvements to security posture

User Awareness and Education:

• Help in Promoting awareness of cybersecurity policy and strategy as appropriate among SADAFCO's staff.
• Maintain training records and reports in alignment with training department in SADAFCO.
• Administer and maintain SADAFCO’s adopted training system.

Disaster Recover (DR) and Business Continuity:

• Develop and test procedures to transfer system operations to an alternate site.
• Execute business continuity and disaster recovery procedures.
• Support peer functions to prepare their own Business Continuity Plan (BCP) by giving IT input.

Vulnerability Assessment:

• Analyze exercise results and system environment to plan and recommend modifications and adjustments.
• Perform vulnerability assessments of systems and networks. Identify deviations from acceptable configurations or applicable policies.
• Measure effectiveness against known vulnerabilities.
• Make recommendations to enable effective remediation of vulnerabilities.

Incident Response (IR):

• Isolate and remove malware.
• Coordinate and support Incident Response activities during cybersecurity events.
• Collect and analyze digital evidence to support investigation of cybersecurity incidents - derive useful information to mitigate system and network vulnerabilities as first responder.

Job Requirements

• Education: Bachelor’s degree in information security, Computer Science or equivalent.
• Required Certifications: Security+ or equivalent Microsoft AZ500 or equivalent.
• Preferred Training/ Courses: SANS, ISO27001 lead Implementer, CEH (Certified Ethical Hacker), CSA (Certified Security Analyst), CHFI (Computer Hacking Forensic Investigator), CCSP (Certified Cloud Security Professional).
• Minimum Experience: 0 to 2 years
• Languages: Fluent in English and Arabic.
• Moderate understanding of operating Systems networks, infrastructure, cloud technology and Office-365

Competencies

• Strong verbal and written communication skills.
• Ability to work with Technical and Non-Technical stakeholders.
• Strong interpersonal communication skills.
• Demonstrated capacity to learn, intellectual honesty and independent thinking.
• Capable of giving strong attention to details.
• Strong critical thinking, problem-solving, logic, and forensics skills.
• Ability to perform work under pressure and meet tight deadlines.
• Ability to function independently and effectively in a self-directed environment.
• Up to date knowledge of the latest security, intelligence and technology developments.