Share this Job
Senior Cyber Security CSOC Specialist
Date: May 23, 2023
Location: Abu Dhabi, Abu Dhabi, AE
Company: Emirates Nuclear Energy Corporation
Job Purpose
Conduct analysis, correlation, monitoring and verification of security events, identifying malicious activities inside the perimeter of the Barakah Nuclear Power Plant (BNPP) industrial and computing network. Lead the NAWAH technical incident handling and response based on Cyber Security procedures and guidelines.
Activity:
Cyber Security Operations Centre (CSOC) Events Correlation and Advanced Analysis
Responsibilities and Accountabilities:
•Review events and potential issues raised by Tier-1 analysts to ensure that the quality of forwarded events and issues is in line with agreed quality standards.
•Conduct in depth analysis, combining the use of Indicators of Compromise (IOCs), events and aggregated log data to ensure that malicious activity is identified before it could potentially compromise the confidentiality, integrity or availability of BNPP network and systems critical data.
•Report and escalate malicous activities to Shift Manager to ensure that malicous activities are forwared to the right group or entity.
Cyber Security Monitoring, Analysis and Response
Responsibilities and Accountabilities:
•Provide additional layer of monitoring for any events generated through the Security Operational monitoring tools, as well as check for security intelligence feeds and other external event sources to ensure that new threats to the BNPP environment are ingested in the monitoring tools.
•Create, manage, discard and/or dispatch cyber security incident tickets and cases that are quilified as a potential incident to ensure that incidents and tickets are forwarded and resolved according to the applicable Sservice-Level Agreement (SLA).
•Ensure that the Critical Digital Assets (CDAs) and the plant operations network are properly monitored in order to ensure that malicous activities are detected and cases can be closed.
CSOC Incident Handling and Forensics
Responsibilities and Accountabilities:
•Perform Cyber Security Incident Handling, Response and Forensics support activities in accordance with approved Cyber Security department procedures.
•Perform Cyber Security Incidents Escalation to ensure that incidents are dispatched to the appropriate internal or external entities, in accordance with approved Cyber Security department procedures.
Incident Response and Remediation
Responsibilities and Accountabilities:
•Ensure to communicate and document all actions agreed in response to different cases of incidents, these incidents may differ in terms of the appropriate remediation steps to take on the affected systems, it may involve one or more of the following steps:
o Re-image systems (and restore backups)
o Patch or update systems (e.g.apps and OS updates)
o Re-configure system access (e.g.account removals, password resets)
The incumbent is expected to perform standard activities as per attachments 4 & 5 in the Job Description procedure (relating to Health, Safety and Environment, Security and Business Continuity, People Management, Excellence and Quality Management
Cyber Security Operations Centre (CSOC) Events Correlation and Advanced Analysis
Responsibilities and Accountabilities:
•Review events and potential issues raised by Tier-1 analysts to ensure that the quality of forwarded events and issues is in line with agreed quality standards.
•Conduct in depth analysis, combining the use of Indicators of Compromise (IOCs), events and aggregated log data to ensure that malicious activity is identified before it could potentially compromise the confidentiality, integrity or availability of BNPP network and systems critical data.
•Report and escalate malicous activities to Shift Manager to ensure that malicous activities are forwared to the right group or entity.
Cyber Security Monitoring, Analysis and Response
Responsibilities and Accountabilities:
•Provide additional layer of monitoring for any events generated through the Security Operational monitoring tools, as well as check for security intelligence feeds and other external event sources to ensure that new threats to the BNPP environment are ingested in the monitoring tools.
•Create, manage, discard and/or dispatch cyber security incident tickets and cases that are quilified as a potential incident to ensure that incidents and tickets are forwarded and resolved according to the applicable Sservice-Level Agreement (SLA).
•Ensure that the Critical Digital Assets (CDAs) and the plant operations network are properly monitored in order to ensure that malicous activities are detected and cases can be closed.
CSOC Incident Handling and Forensics
Responsibilities and Accountabilities:
•Perform Cyber Security Incident Handling, Response and Forensics support activities in accordance with approved Cyber Security department procedures.
•Perform Cyber Security Incidents Escalation to ensure that incidents are dispatched to the appropriate internal or external entities, in accordance with approved Cyber Security department procedures.
Incident Response and Remediation
Responsibilities and Accountabilities:
•Ensure to communicate and document all actions agreed in response to different cases of incidents, these incidents may differ in terms of the appropriate remediation steps to take on the affected systems, it may involve one or more of the following steps:
o Re-image systems (and restore backups)
o Patch or update systems (e.g.apps and OS updates)
o Re-configure system access (e.g.account removals, password resets)
The incumbent is expected to perform standard activities as per attachments 4 & 5 in the Job Description procedure (relating to Health, Safety and Environment, Security and Business Continuity, People Management, Excellence and Quality Management
N/A
Minimum
N/A
Preferred
•Certified in Risk and Information Systems Control (CRISC),
•Systems Security Certified Practitioner (SSCP),
•Internal Security Assessor (ISA),
•Global Information Assurance Certification (GIAC) Certified Incident Handler
•Certified Information Systems Security Professional (CISSP)
N/A
Preferred
•Certified in Risk and Information Systems Control (CRISC),
•Systems Security Certified Practitioner (SSCP),
•Internal Security Assessor (ISA),
•Global Information Assurance Certification (GIAC) Certified Incident Handler
•Certified Information Systems Security Professional (CISSP)
Minimum
•Bachelor's Degree in Cyber Security related field with 5 years of related experience.
•Diploma or Military or Police Academy graduate with 10 years' experience
•High School with 12 years of experience.
Preferred
•Masters' Degree in Cyber Security related field with 5 years of security related experience.
•Bachelor's Degree in Cyber Security related field with 5 years of related experience.
•Diploma or Military or Police Academy graduate with 10 years' experience
•High School with 12 years of experience.
Preferred
•Masters' Degree in Cyber Security related field with 5 years of security related experience.
Experience
