Cyber Security Analyst
Saudi Aramco Total Refining And Petrochemical Company - Satorp
مجموع سنوات الخبرة :10 years, 7 أشهر
Provide analysis and trending of security log data from a large number of heterogeneous IT security devices.
Provide Incident Response (IR) support when analysis confirms actionable incident.
Provide threat and vulnerability analysis as well as security advisory services.
Analyze and respond to previously undisclosed software and hardware vulnerabilities.
Investigate, document, and report on information security issues and emerging trends.
Integrate and share information with other analysts and other teams.
Other tasks and responsibilities as assigned.
Assist Entry-Level SOC analysts to help them build stronger skills.
Assist Team Leads with reporting, projects, administrative work as needed.
Review SOC Analyst ticket queue, review tickets, closure or reassignment as needed.
Create/review/modify documentation as needed, to include any process or procedure and thus ensure it’s up to date and standard.
Update the Whiteboard or any relevant POC information.
Change management calendar updates/closures
Maintenance and responsibility of the mailbox - put in outage tickets, ensure there are no emails to triage or vulnerability managers to call back on.
Monthly SOC Reports.
Answer SOC incoming phone calls and triaging phone calls that are not related to monitoring.
Create daily Shift Handoff notes and summary and send to all shifts.
SOC White Board daily/weekly updates.
Other duties as assigned by Team Leads and/or Operations Manager.
Work as part of a growing team, to disseminate information to others - which makes us Observe security solutions; SIEMs, firewall appliances, intrusion prevention systems, data loss prevention systems, analysis tools, log aggregation tools.
Responsible for the collection, analysis, and dissemination of cyber threat intelligence.
Maintain an understanding of attacks, vectors and emergent threats.
Provide tier II support for escalated security incidents. Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary.
Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies.
Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume.
Identify security risks and exposures, determine the causes of security violations and suggest procedures to halt future incidents.
Review/troubleshoot miscellaneous issues users may encounter to systems applications.
Respond immediately to security-related incidents and provide a thorough post-event analysis.
Perform Security Engineering Research and Development apply systems and network analysis techniques and procedures, including consulting with users to determine hardware, software, and security system functional specifications related to the ongoing security measures and defense in depth security strategy
Solid understandings of security on networks, hardening, patch management, pen testing, vulnerability testing, Windows systems, open systems, applications, and web and public facing systems.
Educated and defined security product configuration standards and engaged the right team to deliver the solution
Responsible for Project Implementation and SLA Support to Customers.
Implemented and maintain as per the best practices for major security products like MacAfee, GFI, Watch guard, F-secure, Device lock
Perform Security Risk assessments, enterprise wide, to ensure protection of end points and network by integrating MacAfee vulnerability manager, GFI.
Worked with IT staff and business unit leaders to educate them on current Malware and other security threats
Conducted POC's to determine the features and benefits of the security products.
Conducted training to employees and staff.
