Roles And Responsibilities
- Proactively identify gaps to detect potential intrusion attempts, data exfiltration, lateral movement
- Seek out indicators of compromise and update security devices such as Firewalls, Web Application Firewalls, Email Gateway, SIEM etc
- Develop custom detection rules & queries to identify threats in Cloud IaaS, PaaS, API abuse, On-prem environments
- Work in coordination with the Security Operation Center to monitor security logs of all technology assets to detect anomalies and threats. Address cloud-specific attack vectors such as identities, insecure APIs, and data exposure due to misconfigured storage services
- Implement & maintain container security (DevSecOps) monitoring solutions to ensure the integrity & security of containerized applications running in cloud environments
- Utilize API security tools to monitor & protect cloud APIs from abuse, unauthorised access, and injection attacks
- Investigate incidents and review security logs of critical business applications & infrastructure on a regular basis
- Implement serverless security monitoring and anomaly detection to detect potential threats targeting serverless application development
- Assess the current security state and provide actionable recommendations to strengthen the technology landscape of Aldar & Group subsidiaries
- Identify & report security incidents promptly. Follow up with IT Admins on the status of security incidents raised by the Security Operation Center (SOC). Co-ordinate with the Security Operation Center team and IT Administrators to resolve identified security incidents promptly
- Collate security incident data & prepare the Information Security Dashboard on a regular basis
- Continuously review and enhance cloud & on-prem monitoring strategies, considering the emerging threat landscape and cloud environment changes
- Keep up to date with the latest IT security threats and enrich security tools with the latest UAE / MENA region-specific threat intel
Qualification And Experience
RELATED YEARS OF EXPERIENCE:
Minimum of 5 years of experience in security assessments.
Technical And Interpersonal Skills
- Strong communication and interpersonal skills
- Knowledge of Information Security Standards/Practices and regulatory/compliance requirements
- Technical proficiency in security-related hardware and software
QUALIFICATION
- Bachelor’s degree in computer science or a technical discipline relevant to IT Security
- One or more relevant security certifications preferred – Microsoft Azure Security Technologies Associate (AZ-500), Certified Kubernetes Security Specialist (CKS), CompTIA Cloud+ (CCSP+), (ISC)2 CCSP
KEY RESULT AREAS
- # of incidents identified & closed
- Security Breaches (# of intrusions resolved & prevented per year)
- Incident resolution as per SLA
- Issues/problems resolution rates