Security Analyst

The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct initial analysis's for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming first response assessment of the cyber Security incident and escalate to Senior Security Analyst for further investigation and response as per approved policies, processes and procedures. Principal Accountabilities Operational • Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures • Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solution • Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc. • Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets • Gain an understanding of security risks and controls • Undertake first stages of false positive and false negative analysis • Perform analysis of log files to collect more contextual information in order to triage security events • Review and align priority, severity and classification of security incidents • Collect contextual information and pursue technical root cause analysis & attack method analysis • Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls led to the incident to be materialized • Analyse reported cyber security events and incidents and recommend remediation and improvement actions • Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC. • Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions • Participate in post incident reviews and recommend improvements plans • Investigate, document, and report on information security issues and emerging trends. • Should be on-call 24 hours per day to respond to security emergences or other related problems • Should work on shifts schedule which includes weekends