Job Description
About the Company
One of our clients, "A company in Yemen", is seeking to recruit highly qualified employees for the position of Incident Analyst and Penetration Tester. The company always relies on recruiting reputable people with excellent educational qualifications, and on providing exceptional job opportunities.
Incident Analyst and Penetration Tester - Multiple
Travel Requirement: No
Place: Sana’a Governorate
End Date: 02 November 2024
Main Tasks:
- Monitor security event logs and alerts from various sources, including intrusion detection/prevention systems, firewalls, endpoint security solutions, security information and event management (SIEM & SOAR), EDR, identity management, and information security systems.
- Investigate and analyze security incidents, including malware infections, unauthorized access attempts, data breaches, and other cybersecurity threats.
- Conduct forensic analysis of security incidents to determine the root cause, extent of impact, and potential remediation measures.
- Coordinate with internal teams and external stakeholders to assess the severity and impact of security incidents, prioritize response efforts, and implement incident containment and mitigation strategies.
- Document and report security incidents, including findings, analysis, and remediation actions taken, in accordance with established incident response procedures and regulatory requirements.
- Provide recommendations for enhancing security controls and measures to prevent future incidents and improve the organization's overall security posture.
- Participate in incident response exercises, tabletop simulations, and post-incident reviews to evaluate the effectiveness of incident response procedures and identify areas for improvement.
- Stay updated on emerging cyber threats, vulnerabilities, and attack techniques through threat intelligence feeds, security advisories, and industry publications.
- Collaborate with cross-functional teams, including IT, legal, and compliance, to ensure alignment of incident response activities with business objectives and regulatory requirements.
- Assist in the development and implementation of incident response plans, playbooks, and standard operating procedures to streamline incident detection, response, and recovery processes.
- Conduct security assessments and penetration tests to identify vulnerabilities and assess the security posture of the organization's systems and networks.
- Conduct security awareness training and provide guidance to employees on security best practices and procedures.
- Mitigate and resolve vulnerabilities found in systems and implement a solution for risks and threats.
Qualification and experience:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Big Data or a related field.
- Relevant certifications such as GIAC Certified Incident Handler (GCIH), Certified Incident Response Handler (CIRH), Certified Ethical Hacker (CEH) or other incident response certifications.
- Proven experience in cybersecurity roles, with a minimum of 2 years of experience in incident detection, analysis, and response.
- Excellent proficiency in the English language (speaking / writing).
Personal qualities and skills:
- Strong analytical and problem-solving skills to investigate and analyze security incidents effectively.
- Knowledge of cybersecurity principles, attack vectors, and common security threats.
- Familiarity with incident response frameworks and methodologies, such as NIST SP 800-61 and the SANS incident handling process.
- Proficiency in using security tools and technologies for incident detection, analysis, and response.
- Excellent communication and interpersonal skills to collaborate with cross-functional teams and communicate effectively with stakeholders.
- Ability to work under pressure and respond to security incidents in a fast-paced environment.
- Attention to detail and accuracy in documenting incident findings and remediation actions.
- Continuous learning mindset with a commitment to staying updated on the latest trends, technologies, and best practices in incident response and cybersecurity.