Security Analyst

الرياض, Ar Riyad 13223
Your Role and Responsibilities
As a Security Analyst, you will primarily support day-to-day security operations and event investigation. Expertise in SIEM technologies, log management, incident management, antivirus and endpoint security is key to the role. This role will report to the Infrastructure Manager and will interact with security operations teams (outsourced or in-house) and the infrastructure security team.

  • Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
  • Assist in the response to security events and escalations and oversee incident response procedure as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Act as administrator and threat hunter for endpoint security technologies, i.e. antivirus, machine learning, deception, email security protection, etc.
  • Maintain current knowledge of information security trends, threats & responses.
  • Adhere to and improve upon policies and procedures on incident management, malware analysis, forensics analysis and use of information security tools and information.
  • Provide SME guidance on incident analysis, root cause analysis and problem resolution and collate security incidents and event data to produce monthly exception and management reports.
  • Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate.
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
  • Work with users and technical staff, including network engineers, system administrators and software developers, to resolve security issues in a timely manner.
  • Research, recommend, evaluate, implement information security solutions that identify and/or protect against potential threats, & respond to security violations.
  • Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc.
  • Implement and manage tools and technologies for indicators of compromise and other threat intelligence.
  • Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc.
  • Restrict and stop incidents. Research and stop IOCs on endpoints and network.
  • Reconstruct events of a compromise by creating a timeline via correlation of forensic data.
  • Analyze malware and other attacks to extract indicators of compromise.
  • Communicate status of response, resolution and final root cause analysis to the appropriate stakeholders.
  • Ensure that, where appropriate, all forensic investigations are recorded and tracked to meet audit and legal requirements.
  • Assist and train junior team members in the use of security tools, the preparation of security reports and the resolution of security issues.

Required Professional and Technical Expertise
2-3 years of experience in Information Security with at least 3 years' experience in security event analysis and incident response.
At least 3 years' experience in network and endpoint infrastructure security technologies, specializing in log monitoring product-based consulting, architecture and implementation.

Preferred Professional and Technical Expertise
Knowledge and experience in Enterprise Log Management (ELM) and SIEM tools and processes.
Subject matter expertise in at least one or more of the following: IBM QRadar, ArcSight, LogLogic, RSA EnVision, LogRhythm, Splunk and other similar products.
Subject matter expert in Endpoint and Deception technologies and Email security.
Should have the ability to develop processes & procedures around SOC/SIEM.
Familiarity with the following technologies: SIEM, Active Directory, Microsoft Windows, Linux, firewalls, network protocols, IDS/IPS, advanced malware protection.
Experience in the identification, assessment, mitigation and management of information security risks and issues.
Proven experience facilitating workshops, generating reports, preparing presentations and project management.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.



  • Computers Software and Hardware
Posted: 2019-08-08 Expires: 2019-09-07