Cyber Security Lead

Job description

You:

Are you a diversified professional looking for a role within an ambitious Company? Are you confident, able to influence, challenge and build relationships at all levels? We are recruiting a Cyber Security Lead- to join our exceptional team. This is an exciting and challenging opportunity for someone with proven experience who is personable and capable to quickly establish their credibility.

If you are excited by a challenge, have a can-do attitude and a passion for leaving your mark on an organization then this is the opportunity for you. We want to encourage you to grow and challenge yourself because when we pursue excellence, we create great experiences together and with our customers.

…. Sounds like YOU? Then read on.

In this role you will have the opportunity:

To advance your career and be trained by the top specialists in the industry, work in multiple sites and various type of establishments.

Requirements

  • Monitor all operations and infrastructure to ensure security measures are met in compliance with policies and procedures and KPIs
  • Maintain all security tools and technology assets.
  • Monitor internal and external policy/ regulations compliance.
  • Work with different departments in the organization to identify and plan various risks with action plans.
  • Implement new technologies to mitigate risks.
  • Audit policies and controls continuously. Regularly maintain cybersecurity processes and constantly audit compliance with policies and controls put into place for improvements, remediation, and immediate actions.
  • Ensure cybersecurity stays on the organizational radar.
  • Detail out the security incident response program.
  • Design, test, implement and maintain security controls and standards.
  • Act on privacy breaches and malware threats
  • Serve as a security expert and conduct trainings when needed
  • Draft/ update and maintain policies and procedures
  • Work with architects and engineers to create/ update/ maintain and monitor security standards across
  • Provide security monitoring and incident response services required by the business, in alignment with Cyber Security’s mission to protect Digital Assets (including Industrial Control Systems) to a level of confidentiality, integrity and availability commensurate with the threat to those assets and their value.
  • Act as internal expert on matters relating to intrusion detection and incident response.
  • Lead investigations into network intrusions and other cyber security breaches. Provide a coordinated response to complex cyber-attacks that threaten company’s assets, intellectual property, and computer systems.
  • Contribute to the development and improvement of security monitoring and incident response processes and solutions as required to support our cyber security program.
  • Operate security monitoring and incident response toolsets with a focus on continuous improvement.
  • Research and recommend solutions for incident response and digital forensics.

Daily and Monthly Responsibilities

  • Collect data on current security measures for risk analysis and write regular systems-status reports
  • Constantly monitor for attack and run appropriate defensive protocols if breaches occur
  • Conduct vulnerability testing to identify weaknesses and collaborate with cybersecurity team to update defensive protocols as necessary
  • Audit, verify and report access controls periodically
  • Configure anti-virus systems, firewalls, data centers and software updates with a security-first mindset
  • Grant credentials to authorized users, monitor access-related activities and check for unregistered information changes
  • Help lead employee training against phishing and other forms of cyberattack

To succeed in this role, you should have the following skills and experience:
Mandatory experience

  • Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience
  • 4+ years of prior relevant experience
  • Must have proven records of establishing and maintaining IT service Management ISO 20000 and Information security management ISO 27001
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, and common security elements.
  • Hands-on experience analyzing high volumes of logs, network data, and other attack artifacts in support of incident investigations
  • Experience with vulnerability scanning solutions
  • Familiarity with the Information Assurance Vulnerability Management program.
  • In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform

Other Qualification

  • Preferably certified in one of more of the following CEH, CompTIA Network+, CPT, CEPT, CWAPT, CREA
  • CompTIA Security+, Cisco Certified Entry Networking Technician (CCENT), Cisco Certified Network Associate – Routing and Switching (CCNA), Cisco Certified Network Associate – Security (CCNA-Security), Microsoft Technology Associate (MTA) – Windows Server Administration Fundamentals
  • Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification
  • Excellent verbal and written communication skills
  • Strong critical thinking, problem-solving, logic, and forensics skills
  • Ability to work successfully in both individual and team settings
  • Ability to think like a hacker to stay one step ahead

Mandatory Skills:

  • Experience with SDWAN
  • Experience working DevOps and DevSecOps
  • Ransomware Attacks preventions
  • Code Injection / Remote Code Execution
  • Cross-Site Scripting Attacks
  • Data Breach
  • Malware and Virus Infection
  • DDoS Attack
  • Credential Stuffing Attack
  • Brute Force Attack
  • Passwords and Authentication management
  • Social Engineering skills
  • SPAM and Phishing
  • Insider Threat
  • Data Leak
  • Patching management
  • Expert on all 7 security layers
  • ISO 27000
  • ISO 20000
  • Vulnerability management
  • Data Loss prevention
  • Data, SW, HW, Network Security
  • Information security policies
  • Network troubleshooting
  • Firewall administration
  • Network protocols, Routers, hubs, and switches
  • Process improvement
  • Confidentiality management
  • Authentication
  • Integrity
  • Non-Repudiation
  • Access control management
  • Availability

Benefits:

In return, we offer you a path towards your most rewarding career and an opportunity to be part of one of the leading family groups within the UAE. Additionally, we provide a competitive benefits package for all successful candidates.
Location: Abu Dhabi

What will it be like to work for United Al Saqer Group?

Established more than 37 years ago, the United Al Saqer Group (UASG) is one of the leading multi-sector business groups in the United Arab Emirates. The UASG owns and operates a diverse yet complementary portfolio of six UAE-based companies encompassing several key industry sectors, which includes Abu Dhabi Motors, Dalma Motors, Al Saqer Heavy Equipment, Al Saqer Property Management, Awraq Islamic Financial Brokerage, Royal International Construction, and Royal Joinery.