Analyst – Threat Intelligence
Burgan bank
Total experience: 1 year, 3 months
& Cyber Security - Risk Management Group)
☞ Offense Monitoring System: Demonstrated working knowledge of offense monitoring systems to proactively identify and mitigate potential security threats.
☞ Phishing/Incident Response: Executed procedures for timely response to phishing incidents, implementing corrective actions to safeguard the organization's security posture.
☞ Security Device Monitoring and Data Leakage: Monitored security devices to detect and respond to potential data leakage incidents, ensuring the confidentiality and integrity of sensitive information.
☞ External Threat Intelligence Platforms: Monitored alerts and executed corrective actions from various external threat intelligence platforms, including CBK, SOC, CISA Cyber, US-CERT, MS-ISAC, and NCR.
☞ Cyber Threat Intelligence Operations: Conducted operations involving intelligence collection (IOCs), tracking threat actors, and identifying malicious infrastructure to enhance the organization's threat intelligence capabilities.
☞ Threat Tracking: Tracked potential threats associated with attempted intrusions and network- and host-based attacks, collaborating with cybersecurity teams to coordinate incident response efforts.
☞ Attack Methods and Forensic Analysis: Applied knowledge of various attack methods, conducted network/endpoint forensic analysis, and contributed to malware analysis initiatives.
☞ SIEM Solutions: Worked with SIEM solutions such as Splunk, LogRhythm, and QRadar to identify, investigate, and respond to security incidents.
☞ File Integrity Monitoring (FIM): Utilized FIM to monitor critical files and systems for unauthorized access or changes, ensuring compliance with PCI DSS, ISO 27001, SWIFT, and company standard policies.
☞ Vulnerability Assessments: Conducted comprehensive vulnerability assessments using industry-standard tools and techniques, providing recommendations for remediation strategies.
☞ SOAR Platforms: Leveraged Security Orchestration, Automation, and Response (SOAR) platforms to automate security operations workflows and enhance incident response capabilities.
☞ AlgoSec Firewall Analyzer: Worked with AlgoSec Firewall Analyzer for comprehensive visibility into network security policies, rule analysis, risk assessment, change management, and compliance reporting.
☞ Database Access Management (DAM): Monitored DAM solutions to ensure data access policies were enforced, actively monitoring user activities and provisioning.
☞ Data Classification: Conducted data classification activities to ensure compliance with regulatory requirements.
☞ Attack Simulation Exercises: Conducted and participated in attack simulation exercises to validate the effectiveness of security controls.
☞ Brand Monitoring and Threat Analysis: Monitored and took necessary action, including escalation, for brand monitoring; 24x7 monitoring of domains, SSL certificates, and websites; phishing alerts; dark web news; card leakage; credential leakage; mobile application monitoring; and threat analysis.