Emirates National Oil Company (ENOC) presently has a job opening for eligible candidate for the position of Senior Security Analyst in Dubai, UAE. Founded in 1993, ENOC is a Dubai-based state-owned oil and gas company. ENOC operates in various segments of the energy sector, including exploration, production, refining, and marketing of petroleum products. ENOC has a significant presence in Dubai & is responsible for managing the supply and distribution of petroleum products in the emirate. It also operates a network of service stations across Dubai and provides a wide range of fuel products, including gasoline, diesel, and aviation fuel. In addition to its core business of oil and gas, ENOC has diversified into other areas such as aviation, lubricants, and convenience stores.
Purpose of A Senior Security Analyst
Monitor the ENOC environment on a 24*7 basis and conduct advance analysis for events to identify any cyber security threats or attacks on ENOC IT/OT assets.
Duties of a Senior Security Analyst
- Follow response procedures and other CIC related SOPs based on incident impact analysis & predetermined response actions.
- Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour.
- Handle escalated incident from security analyst to conduct deep investigations.
- Gain knowledge of existing policies, standards, procedures and guidelines to prevent the unauthorized use, release, modification or destruction of ENOC information assets.
- Conduct malware analysis using run-time analysis, comparative analysis and reverse engineering tools.
- Conduct digital forensics and deep investigations and evidence handling in line with best practices.
- Preform threat hunting, discovery and exploration to identify threats that pass traditional detection tools.
- Perform proactive research to identify and characterize new emerging threats, vulnerabilities and risks.
- Review and align priority, severity and classification of security incidents.
- Develop metrics, reporting & documentation on frequency, impact & types of incidents.
- Collaborate on investigation of incidents, containment, remediation and root cause analysis.
- Develop techniques and processes to identify anomalous behavioral patterns.
- Collect contextual information and pursue technical root cause analysis & attack method analysis.
- Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
- Advocate security best practices, strategy, architecture and assist in security design consultations.
- Apply strategic and tactical responses in challenging environments with heterogeneous systems.
- Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.•Participate in closing identified security audit points.
- Periodically report on IT security status, security system efficiency & recommended improvements to management.
- Should be on call 24 hours per day to respond to cyber security emergences.
Who Can Apply?
- Bachelor’s degree in computer science, engineering or business field or equivalent or Diploma with additional relevant experience.
- Professional certificate such as CISSP, GCTI ,GCFA, GNFA.
- 7 plus years of Information security or technology experience.
- 4 plus years of relevant experience.
- Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government).
- Working experience in cyber security threats monitoring and handling.