The Company: A large multinational Oil and Gas firm based in Sharjah The Role: Security Analyst – IT Department – The primary responsibility of a Security Analyst is to conduct a thorough risk assessment of the network and applications, identify vulnerabilities and provide configurations to enhance existing security of systems Major Responsibilities:
Conduct periodic vulnerability assessments and penetration testing on internal networks, servers and applications.
Conduct periodic vulnerability assessments and penetration testing on internet facing networks and applications.
Provide mitigation for the identified vulnerabilities and assist internal teams to implement the mitigations.
Conduct periodic infrastructure architecture review to identify security issues and recommend measures to improve security.
Evaluate applications and software for security issues.
Research security enhancements and make recommendations to management.
Provide periodic reports of security status and vulnerability assessments.
Develop security standards and practices
Develop automation scripts to handle and track incidents
Educate staff members on information security through training and awareness
Recommend modifications in legal, technical and regulatory areas
Provide input to the information security strategy
Harden on-premises and cloud infrastructure
Qualifications & Desired Skills:
Bachelors/master’s in computer science
4-5 years’ experience in Information Security field with hands-on experience in penetration testing and vulnerability assessments of applications, networks and server operating systems.
Excellent understanding of firewalls, antivirus, EDR, SIEM and IDS/IPS concepts.
Hands on experience in performing web application and mobile app security testing, network & wireless infrastructure penetration testing
Knowledge of Windows, Linux, Network OS, mobile OS configurations
Proficient in pentest tools like Kali Linux, Metasploit
Knowledge of Apache, PHP, scripting tools like Python, Powershell
Ability to develop testing scripts and procedures
Ability to leverage exploits
Knowledge of cloud security and experience in cloud security testing
Ability to identify and mitigate vulnerabilities and ability to provide practical recommendations
Critical thinking skills and the ability to solve problems as they arise
Excellent reporting and presentation skills
Cloud infrastructure security management
An understanding of best practices and how to implement them at a business-wide level
Certifications
Certified Information Systems Security Professional (CISSP)
SANS Penetration Testing
EC-CE
Beware of fraud agents! do not pay money to get a job
MNCJobsGulf.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.