Description
Job Purpose
Supports the Lead of SOC by investigating suspected attacks. Recognizes when the company's IT network/system has been attacked, responds to security breaches in line with the company's Information Security policies and records the incidents and action taken. Takes immediate action to categorize and limit damage.
Job Context & Major Challenge
• Understanding of security operations 24x7
• Supporting the Lead of SOC in dealing with an increased cybersecurity risk due to the geopolitical situation
• Contributing to the ongoing continuous improvement due to the current maturity level and the changing IT landscape
• Keeping up to date with IT/Information Security and developments
Key Job Accountabilities
• Contributes to digital forensic activities in pursuance of investigations and incident response. Performs repeatable, admin-intensive processes by using industry-established protocols and best practices.
• Can demonstrate awareness of best practice, including legal matters, to ensure all activities are conducted in a forensically safe manner when handling exhibits. This includes labelling of evidence, not making changes or interfering with evidence, and understanding the implications and documenting where this has occurred.
• Follows procedures to investigate incidents and conduct forensic analysis.
• Interprets security and assurance policies and contributes to development of standards and guidelines that comply with these, to enable effective assessment of risks to information availability, integrity, authentication, and confidentiality.
• Contributes to vulnerability assessments. Identifies potential threats to the confidentiality, integrity or availability of the system. Determines when security issues should be escalated to a higher level, to enhance resilience to unauthorised access.
• Investigates suspected attacks. Recognises when an IT network/system has been attacked, e.g. by a remote host, or by malicious code such as a virus, worm or Trojan, or when a breach of security has occurred. Responds to security breaches in line with security policy and records the incidents and action taken. Takes immediate action to categorise and limit damage, according to the organisation's security policy, which may include escalation to next level, and records the incident and action taken.
• Performs basic risk assessments for small information systems. Applies procedures to assess integrity of information in accordance with information security policies and standards.
• Communicates information security issues effectively to business managers, users of systems and networks.
• Following agreed procedures, identifies, registers and categorises incidents.
• Gathers information to enable incident resolution and promptly allocates incidents as appropriate.
Qualifications and Experience
• Bachelor’s degree in Computer Science, Information Technology, Information Systems or other relevant discipline
• 5 years’ Information Security experience in a similar position, ideally within the oil/gas industry.
• Understanding of relevant Information Security national and international standards.
• Attain and maintain experience in accordance with relevant IT competency frameworks.
• Knowledge of Information Security coupled with equivalent knowledge of the activities of those businesses and other organizations that employ IT.
• Understanding of the principles and practices involved in development and maintenance of SOC requirements