Purpose / Job Description
A Cybersecurity Operations Senior Analyst serves as the technical expert on cybersecurity analytics, cybersecurity tools, data protection, threat detection, response and recovery.
Strategic Importance
§ Analyze and monitor cybersecurity logs to identify/report any threats or potential risks (SOC monitoring)
§ Assist in designing solid security architecture with cost-effective security tools to keep MEDGULF always safe and protected from new threats, zero-day attacks and other malware.
Accountabilities & Responsibilities
· Understand threat intelligence and help treat threats, vulnerabilities, and exploits in the MEDGULF IT landscape.
· Have wide knowledge of and exposure to infrastructure systems such as Active Directory, Windows servers, domain controllers, proxies, virtualization, etc.
· Conduct daily security health checks and reports to proactively capture and detect any security threats/malicious events.
· Professional handling of security incidents with timely response and recovery
· Maintain proficiency in security exploitation tools, attack techniques, procedures and trends.
· Maintain an up-to-date comprehension of emerging trends in information security in general to identify and resolve Cybersecurity challenges
· Develop and present timely and accurate security design and architectural review reports
· Perform cybersecurity analysis in accordance with a defined methodology in order to identify the strengths and weaknesses of MEDGULF's security posture.
· Responsible for RCA Reports related to cybersecurity / information security incidents
· Support the detection, identification, and reporting of possible cyber-attacks and intrusions, ransomware, and zero-day attacks.
· Support the detection of security gaps/weaknesses on IT systems by conducting vulnerability assessment and penetration testing.
· Characterize and perform analysis of network traffic and system data to identify anomalous activity and potential threats to resources.
· Responsible for managing/implementing the Security Information & Event Management (SIEM) solution
· Prepare detailed network defense improvement recommendations to close/mitigate incidents
· Enhance behavioral analysis and signature-less techniques to improve endpoint protection
· Frequently perform an authorization and access rights review to ensure only authorized users have the right access to the targeted systems/servers.
· Technical certification is preferred on Windows servers, proxies & firewalls, networking, and other forensics & security tools
· Have knowledge of digital forensics and investigation methodologies.
· Must have one of the specified Information security / Cybersecurity related Certifications (CISSP, CSSLP, CCFP, CSP, etc.)
The Mediterranean and Gulf Insurance and Reinsurance (Medgulf) is a leading regional insurance group providing the retail & institutional markets with comprehensive insurance coverage through its operations in various countries in the region. Medgulf has consolidated its activities since 1980 through successive acquisitions and mergers to provide a full range of insurance and reinsurance products and services. Medgulf has been proudly serving its clients for more than 30 years. Medgulf Group has a workforce of more than 1,400 employees dedicated to serving its clients. Our specific strengths and experience in complex products such as Engineering Wrap-up Projects, Aviation and Property All Risks, and Health and Life covers have led the Group to its current prominent position in the insurance market in the region.