Our client is extending its capabilities to include project and technical support for investment banking clients, initially in Saudi Arabia but potentially also in other Gulf countries. They are recruiting a Cyber Security Defense and Protection Specialist to join their team.
Overview
This role identifies, analyzes, monitors, mitigates, and manages threats and vulnerabilities to IT systems and networks. It uses defensive measures and multi-source information to report events and respond to incidents, as well as monitoring and analysis tools to identify and analyze events and detect incidents. It uses cybersecurity tools to protect information, systems, and networks from cyber threats, tests IT systems and networks, and assesses their threats and vulnerabilities. It investigates, analyzes, and responds to cyber incidents, collects and analyzes information about threats, searches for undetected threats, and provides actionable insights to support cybersecurity decision-making.
Key Responsibilities
Uses data collected from cyber defense tools to analyze events that occur within the organization to detect and mitigate cyber threats.
Tests, implements, deploys, maintains, and administers hardware and software that protects and defends systems and networks against cybersecurity threats.
Provides general cybersecurity support. Assists in cybersecurity tasks.
Develops, evaluates, analyzes, and identifies weaknesses of, and improvements to, cryptography systems and algorithms.
Develops, tests and maintains systems’ security. Analyzes security of operations and integrated systems.
Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies.
Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Conducts authorized attempts to penetrate computer systems or networks and physical premises, using realistic threat techniques, to evaluate their security and detect potential vulnerabilities.
Investigates, analyzes and responds to cybersecurity incidents.
Collects and analyzes digital evidence, investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities.
Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques.
Analyzes (by disassembling and/or decompiling) malicious software, understands how it works, its impact and intent and recommends mitigation techniques and incident response actions.
Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors’ Tactics, Techniques and Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.
Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation plans.
Implements the recommended cyber security controls listed in the Open API Framework.
Identifies technology-specific threats and evaluates cyber security and privacy risks, including third-party cyber security risks that could target applications consuming Open APIs.
Designs additional cyber security controls for applications consuming Open APIs with the aim of addressing identified risks.
Identifies and oversees remediation plans if cyber security controls are not implemented as per the Open API Framework recommendations.
Education
Bachelor’s or Master’s degree in a relevant subject.
Experience
Entry level role requiring basic skills and level of proficiency. Has general understanding of basic principles in Cybersecurity Concepts.
Works under close supervision with limited scope for initiative or independent judgement outside of defined procedures.
Consults with peers and seniors to learn through experience. Over time, will develop the ability to work on increasingly complex tasks and projects. Typically requires 0-2 years of work experience in cybersecurity in a similar financial services or software development environment.
Technical expertise
Basic knowledge of cybersecurity principles.
Basic understanding of intrusion detection technologies.
Ability to effectively conduct vulnerability scans.
Ability to identify, capture, contain and report malware.
Ability to design countermeasures to identified security risks.
Skill in configuring and utilizing computer protection tools.
Skill in conducting forensic analysis in multi-system environments.
Understanding of the impact of a cybersecurity breach on the organization.
Understanding of new technologies and solutions from a cybersecurity perspective.
General Knowledge, Skills and Abilities
Excellent time management and organizational skills.
Teamwork and collaboration, including the ability to establish and maintain effective internal and external working relationships with executive clients, technical and non-technical individuals.
Flexibility, reliability and self-motivation, with the ability to perform under pressure.
Basic knowledge of the cybersecurity threat landscape.
Basic knowledge of vulnerabilities in infrastructure and critical environments.
Basic knowledge of the principles of cybersecurity and privacy.
Knowledge of cybersecurity defense tools and their capabilities.
Knowledge of the cybersecurity aspects of business continuity and disaster recovery planning and testing.
Knowledge of best practice analysis principles and methods.
Knowledge of the organization’s risk management principles and procedures.
CV to: career {at} net - recrute . com