Cyber Security CSOC Analyst


Job title: Cyber Security CSOC Analyst

Company: Nawah Energy Company

Job description:

Monitor and respond to alerts that are triggered on security devices in order to protect the Barakah Nuclear Power Plant (BNPP) computing network. Provide first line analytical assessment within the Barakah Nuclear Power Plant facilities whilst triaging alerts to determine whether they are malicious in nature or benign. Escalate malicious alerts to the second line team for further technical investigative work.

Cyber Security Operations Centre Monitoring and Analysis

  • Monitor Cyber Security events from various sources, including, but not limited to, Security Information and Event Management systems, Intrusion Detection Systems/Intrusion Prevention Systems, network monitoring tools and log file analysis, and check for potential issues to ensure that potential malicious activities are mitigated or prevented.

  • Triage alerts that are triggered by the Security Information and Event Management systems before they are raised to Tier-2 analysts to ensure that Tier-2 analysts have enough information to further investigate events.

  • Investigate indicators of compromise, received from external and third-party advisories, in log management and security controls to ensure emerging threats are detected.

Alerts Investigation

  • Perform an initial investigation and correlation of events triggered in the Security Information and Event Management systems and other tools within the Cyber Security Operations Centre to identify possible security threats to the environment.

  • Identify non-malicious false alerts and work with other stakeholders to exclude them from being triggered in the future.

  • Assess and/or escalate the alerts raised by the tooling within the time set by the applicable service-level agreement (SLA).

Security Triage

  • Extract artefacts of interest from log data and examine them, recording all relevant information in a Security Incident ticket to make sure that the Tier-2 analyst has all the information to quickly assess the potential incident.

  • Escalate alerts raised by the Security Information and Event Management systems, into potential Incidents, to Tier-2 analysts for confirmation.

Coordination and Information Exchange with Physical Security team

  • Communicate with Physical Security team periodically when a Cyber Security Event or Incident may involve potential insider threats, or evolving cyber security issues could be perceived as the prelude to a potential physical attack, to ensure potential insiders are physically stopped from performing more potentially damaging action.

Assets and Process Monitoring

  • Periodically check to ensure that the Critical Digital Assets (CDAs) and the plant operations network are properly monitored by checking the Lists of CDAs against the actual assets that are sending logs to the Security Information and Event Management systems.

  • Ensure that the security monitoring systems are properly functioning, and that the data shown by them is accurate, by following up the events that are triggered by the system if an asset did not send logging for a predefined period.

People Management

  • Contribute to the development of UAE National employees in a manner which supports the objectives of the corporation and its Emiratization strategy.

  • Contribute to knowledge dissemination/sharing in a way that assists with building internal capabilities of UAE Nationals where applicable and maximize their effective performance.

Excellence and Quality Management

  • Ensure commitment to a culture of continuous improvement by eliminating waste, following operations procedures, practicing innovation, problem solving, and teamwork; complying with Quality Management System policies and procedures; providing and receiving constructive feedback, and striving to meet quality standards and stakeholder expectations.

  • Ensure Commitment to the Nawah Fundamentals.

Skills

Bachelor’s degree in Engineering or related Science

  • 2 years of relevant experience

Technical Competency Core Competency Leadership Competency

  • Knowledge of CompTIA Network+

  • Knowledge of CompTIA Security+

  • Knowledge of Incident Handling and Management

  • Knowledge of information security frameworks and standards

  • Knowledge of Communications Security Management

  • Knowledge of Industrial Control Systems (ICS)/Operational Technology (OT) and/or Supervisory control and data acquisition (SCADA) Security

  • Knowledge of Incident Handling and Response

  • Knowledge of Computer Network Defense

  • Knowledge of Configuration Management

  • Knowledge of Information Systems / Network Security

Expected salary:

Location: United Arab Emirates

Job date: Sun, 20 Feb 2022 03:11:58 GMT
