Job Description and Requirements
Core Responsibilities: KBR-SL seeks
a detail-oriented computer specialist with expertise in planning, coordinating,
and implementing information security systems. The desired candidate will be
proficient in analysis, forensics, reverse-engineering, and in allaying
cybersecurity risks for Project information networks.
You will:
Use the SIEM tool
/ dashboard and reports along with other monitoring / admin tools to continuously
monitor the security status of the system and compliance with certification
requirements
Develop, update,
and implement security measures and controls for all information systems, in
particular for the Management Information System (MIS).
Secure data
and information systems, protecting them from unauthorized access or tampering
Provide technical
support and monitor security access, ensuring that the Project Team and Supply
Chain Partners are aware of security restrictions and adhere to access and
system use across the programme and locations.
Perform
regular internal and external security audits
Develop
better logging, boundary rules and reporting techniques to identify and
minimise intrusion.
Respond to
cyber events or incidents in accordance with the Cyber Incident Management
Plan, escalating and supporting as appropriate. and.
Analyse the
source of security breaches, if possible, identify perpetrators and liaise with
our Contract Security Manager and the client’s Principal Security Advisor
(PSyA) as appropriate.
Recommend and
implement security tools and anti-malware software.
Determine,
adapt, and maintain corporate security procedures and policies, actively
monitoring industry and international practices and identifying and
implementing any actions to remain compliant.
Provide staff
with security awareness training and advisories on a regular basis and identify
customer and client specialists to mentor and train to transfer cyber security
aspects to the customer and user community as part of the transformation
programme
Coordinate
security measures with external contacts, ensuring compliance with all relevant
client and customer IT policies and implement new security instructions and
policies as and when introduced by the customer
Inform
management of security vulnerabilities.
Lead on cyber
security certification
Specific: Main duties could include providing advice
on:
maintain / built in
security controls & posture during the operation of the system, including any
changes that may include occur on software systems, networks and data centre
looking for vulnerabilities and risks in hardware and software
finding the best way to secure the IT infrastructure of our, the
client and the customers’ organisations, as requested
how to improve defences and cyber resilience at all levels in a
cost-effective way,
constantly monitoring for attacks and intrusions
when the cyber security specialist finds a potential threat or
attempted breach, closing off the security vulnerability following the agreed
processes
identifying trends in attack perpetrators and liaising with the Client as
necessary
Other tasks as given by the Contract Security
Manager or the Project Execution Manager
Qualifications:
Essential:
You possess a Bachelor’s or
Master’s degree in computer science, business administration in
information technology, or a related discipline
You are proficient in mainstream
security monitoring tools (SIEM) and are able to tune/optimise and develop
the effectiveness of the tool over time
You have 5 years operational cybersecurity experience
[AC1] on
Windows, Linux and cloud based services.
Broad
infrastructure and technology background, including Systems Admin on both
Microsoft and Linux platforms, familiarity of mainstream security
appliances, firewalls, VPN gateways, AD etc.
Desirable:
Experience and development using
SPLUNK
Previous experience in a
Security Operations Centre (SOC) environment, applying security policy and
procedures for complex service delivery, as well as managing Cyber
Essentials and Cyber Essential Plus certification.
Understand and optimise the log
collection architecture and best practises, demonstrating a strong knowledge of
frameworks, standards and regulatory requirements related to information
security and data protection, especially some knowledge of the Defence Manual
of Security (JSP 440) and ISO 27001.
You are proficient in modern
programming / scripting languages such as C#, PHP, Java, JavaScript,
Python
Experience of delivering cyber
awareness training to staff
*** تقدم على الرابط التالي : Apply on the following link ***
https://www.akhtaboot.com/en/saudi-arabia/jobs/riyadh/126550—-Cyber-Security—-SIEM-Specialist-at-KBR