The Technical Security Analyst is a member of the Information Security team. The individual will be responsible for the day-to-day operations of existing security systems and tools, along with identifying, investigating and coordinating resolution (i.e. containment, eradication and recovery) of security incidents. The individual will also participate in identifying the need for additional security controls (i.e. processes or tools) and in their implementation.

Primary Responsibilities:

  • Supports the Head of Information Security in the planning and design of enterprise security architecture;
  • Implements security architecture strategies such as data encryption, advanced antimalware, data loss prevention, email security, Security Information and Event Management, and other information security software as defined by the Head of Information Security;
  • Recommends security solutions or enhancements to improve overall enterprise security;
  • Supports the Head of Information Security in defining metrics, KPIs, and KRIs for Information Security Controls;
  • Participates in the creation, implementation and maintenance of security policies, standards, procedures, guidelines and baselines;
  • Acts as Subject Matter Expert on Information Security Issues for technology and business process implementation projects;
  • Participates in the planning and creation of business continuity and disaster recovery plans;
  • Participates in the planning, establishing and maintaining of Information Security Incident Response Plans;
  • Deploys, integrates and maintains information security tools (e.g. vulnerability management, mail content filtering);
  • Monitors all in-place security solutions for efficient and appropriate operations;
  • Monitors security events for suspicious or potential security incidents;
  • Investigates suspicious or potential security incidents or violations, recommends action plans and coordinates resolutions;
  • Coordinates with outside vendors to perform tests and uncover network vulnerabilities, and ensures timely remediation of detected vulnerabilities to maintain a high security standard;
  • Windows, Linux and AIX operating systems architecture, security controls, hardening and testing;
  • Manages vulnerability assessment and penetration testing, data scanning…;
  • Participates in design and execution of penetration tests and security audits;
  • Coordination of information gathering for internal and external auditors;
  • Employs advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis, and performs network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the security of communications networks;
  • Understands attack signatures, tactics, techniques and procedures associated with advanced threats and develops analytical products fusing enterprise and all-source intelligence;
  • Conducts malware analysis of attacker tools, providing indicators for enterprise defensive measures, and reverse engineers attacker encoding protocols;
  • Maintains up-to-date and in-depth knowledge of the IT security industry including trends, risks/threats/vulnerabilities, security best practices and security solutions and products;

Key Competencies

  • University degree, preferably in the field of law enforcement, information security, computer science or business safety, or any related technical certifications and training;
  • At least 7 years of overall work experience in security, risk management, loss prevention, and emergency preparedness, with a minimum of 2 years' recent experience as a security analyst or in a similar role;
  • Certified Information Systems Security Professional;
  • Certified in Risk and IT Controls;
  • Security-related certifications from major vendors such as Microsoft, Cisco, Check Point or others;
  • Experience with technology risk assessments;
  • Extensive experience with Windows Active Directory, group policies and security models for authentication and access controls;
  • Strong understanding of current and legacy Windows desktop and server operating systems;
  • Strong understanding of the TCP/IP protocol suite, firewalls, remote access services, desktop and presentation virtualization, and other platform/network services;
  • Good understanding of the tools used to protect the organization such as DLP, AV and anti-malware;
  • Knowledge of worldwide security certifications such as PCI DSS and NIST;
  • Quality-oriented, with an eye for detail and a strong bias for continuous improvement;
  • Ability to respond quickly to security, safety, and sensitive situations;
  • Demonstrated ability to undertake complex investigations, including those into sensitive and criminal matters, and produce clear and impartial reports on the findings;
  • Effective problem-solving, written and oral communication, presentation, organizational and interpersonal skills;

 

Please ensure all your personal, academic and professional details are up to date before sending your CV and motivation. Incomplete applications or those received by post will not be considered.

Management reserves the right not to make any appointment following this advertisement.
