IT Security Analyst

Definite Contract: 31 December 2027


JOB OBJECTIVE

Ensure protection of Q-Chem's assets by identify, analyse and mitigate security threats and vulnerabilities. Plays a crucial role in developing and enforcing security policies and procedures to promote a culture of security within Q-Chem. Responsible to implement the cyber security controls mandated by National Cyber Security Agency (NCSA) as part of the on-going audits. handling resources in Information security to manage the peak loads during cyber-attacks and handle incident responses and other aspects of cyber security. Manage the peak loads during cyber-attacks and handle incident responses and other aspects of cyber security. responsible for implementing the technical controls that will be provided to Q-Chem in the Roadmap by NCSA.


KEY ACCOUNTABILITIES

Routine Duties

Plan for disaster recovery and create contingency plans in the event of security breaches.

Keep up to date with latest technology and research emerging cyber security threats and ways to manage them.

Liaise with the NCSA and other stakeholders in relation to cyber security issues roadmap and provide solutions and implement and lead the initiatives.

Lead all technical audits conducted by the internal and external auditors.


IT Operations and Technical Support

Handle security alerts and incidents that are reported.

Investigate and follow the Incident Response procedure for handling all types of incidents.

Monitor for attacks, intrusions and unusual, unauthorized, or illegal activity.


Developing organization wide security protocols

Test and evaluate security products, design new systems, and manage their upgrade, use tools to identify potential weakness and threat patterns and vulnerabilities in our systems.

Identify security products and implement measures like security devices and controls like encryption.

Monitor the Identity and access management, including monitoring for abuse of permissions.


Vulnerability Management

Work with the teams to perform tests and uncover security vulnerabilities in the systems and network.

Fix detected vulnerabilities to maintain a high security posture.

Perform vulnerability analysis and penetration testing.


Liaise with ICS Security

Co-ordinate with the various ICS Security teams at the plants to identify any risks related to IT/OT Convergence, participate in architecting new solutions and identifying risks for new deployments in the ICS and plant systems.

Provide guidance by following the international standards like ISA 62443.

Design security controls to protect the IT and OT systems and networks in scope.


Policies, Systems, Processes and Procedures

Comply with all the policies, processes, standard operating procedures, rules and regulations relating to computer systems and peripheral equipment, so the work is carried out in a controlled and consistent manner.


Quality, Health, Security, Safety and Environment

Ensure compliance with regulatory requirements and relevant quality, health, safety, security and environmental procedures and controls across the Department to guarantee employee safety and delivery of high-quality products/services.


Reporting

Develop reporting for the technical and non-technical staff, Leadership. Translate the technical controls into meaningful metrics to drive the strategy. Develop and document incidents and generate reports for team members and key staff. Deliver Awareness sessions to users.

Generate reports for both technical and non-technical staff and stake holders.


QUALIFICATIONS & EXPERIENCE

Education

Required: Bachelor's degree in IT/Computer Science or any related discipline.

Preferred: Master's degree in IT/Computer Science or any related discipline.


Experience

Required: 5-7 years of experience in a similar position/ field.

Preferred: Experience in Petrochemicals Industry. Good understanding of the OT Security and IS 62443


Professional Qualification

CCNA, OSCP, CompTia Security Plus, Sans Incident Handling Certifications/ GCIH, Blue Team security trainings preferred.


Languages

Required: English - proficient.

Preferred: Arabic - working knowledge .

تاريخ النشر: ١٥ سبتمبر ٢٠٢٤
الناشر: LinkedIn
تاريخ النشر: ١٥ سبتمبر ٢٠٢٤
الناشر: LinkedIn