Keolis Hiring for SECOPS Analyst Job at Dubai Full Time

The primary responsibility of a SECOPS Analyst is to ensure that the Dubai Metro and Dubai Tram information & assets are protected from compromise arising from unauthorized access (Confidentiality risk), unauthorized alteration of data/information (integrity risk) and denial of service (availability risk). As such, he/she ensures the protection of IT/OT infrastructures of the Dubai Metro and Dubai Tram whether on premise (in the data centre) or cloud based (e.g. Microsoft or Oracle cloud, Azure SaaS) as well as confidential customer/business data by having visibility on all vulnerabilities, threats and threat sources for effective mitigation and defense before occurrence of a breach. This is achieved through prompt identification and detection of suspicious/malicious activities with a corresponding treatment plan in place to mitigate the impact or occurrence of such activities. Where breaches do occur, SECOPS Analyst is primarily responsible for defending the Dubai Metro and Dubai Tram from such threat by countering the attack. The SECOPS Analyst is duty bound in ensuring that incidents are properly escalated and treated in line the incident response plan/procedure.

The SECOPS Analyst must have visibility on activities performs in all information assets within Dubai Metro and Dubai Tram such as perimeter firewall, core network devices (switches, routers, intrusion prevention systems, intrusion detection systems), virtualized infrastructure (VMware, ESXi Host), enterprise servers (Windows, UNIX, LINUX), databases, enterprise backup and storage systems, endpoints (workstations, laptops, PDAs, mobile devices), voice communication devices (VOIP) and other enterprise infrastructures. Thus, he/she must ensure that at the minimum, critical assets of the organization as highlighted above are within his/her monitoring scope.

MAIN RESPONSIBILITIES Respond to Cyber Threats from the Cyber Security Operations Center (CSOC), ECC or Maintenance Centre and control the impact. Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents and escalating issues as appropriate Implement, utilize, tune, and administer security tools such as endpoint protection, network analysis, SIEM, and other essential security solutions Provide support to remediate vulnerabilities such as patching, implementing controls to mitigate risk, and ensuring secure configuration of systems Act as an Incident Response team member when the incident response team is active. Incident response tasks may be identification, log and event collection and analysis, forensic investigation support, communication support, and evidence handling Audit the Rail Systems to provide reports on IT/OT misuse. Competent in Cybersecurity threat Management. Follow the relevant procedures and work instructions to ensure compliance with the required requirements. Drive work vehicles when responding to emergencies and when required on duty; Perform shift and emergency duties when required; Perform and carry out duties as instructed/ directed by the SECOPS Manager/Engineer and SECOPS Senior Analyst. Upgrade of the virus definitions of Rail OT/IT machines. Log and report on the Cybersecurity posture and conditioning of Rail OT/IT machines. Responsible for working in a 24×7 Cybersecurity Operation Centre (CSOC) environment. Investigate, document, and report on information security issues and emerging trends. Provide Incident Response (IR) support when analysis confirms actionable cyber-incident. Respond to previously undisclosed software and hardware vulnerabilities

KNOWLEDGE REQUIRED Good technical knowledge in Cybersecurity Operation for Operational technology, Industrial controls systems and Information Technology. Understanding of database structure and queries. Good knowledge of network and Security services. Good knowledge of exploits, vulnerabilities and Incident Management. Good knowledge of Programming language and Scripting.

KEY SKILLS Network traffic and log analysis. Insider threat and advance persistent threat detection. Malware analysis and forensics. IDS monitoring and analysis. Security incidents investigation, evidence gathering and expert witnessing. Creation and deployment of security alert notifications. Understand and operate Security Information and Event Management (SIEM), File Integrity Monitoring (FIM) and Database Activity Monitoring (DAM) tools, e.g. Arc sight, Tripwire, etc. TCP/IP, computer networking, routing and switching. Penetration testing and vulnerability assessment. Operating systems (e.g. Windows, UNIX and Linux). Network protocols and packet analysis tools. Anti-virus and anti-malware, endpoint security and data loss prevention tools.

EXPERIENCE Minimum 2 years of Security Operations for IT/OT related experience.

EDUCATIONAL & PROFESSIONAL QUALIFCATIONS Vocational trade certificate or diploma in Information Technology discipline or equivalent. CSX, ECSA, CySA+ etc.