Information Security Analyst

ParamInfo


Date: 2 weeks ago
City: Abu Dhabi
Contract type: Full time
Job Description

Job Title: Information Security Analyst

Job Location: Abu Dhabi

Roles & Responsibilities

Penetration Testing and Red Teaming:

  • Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
  • Develop and execute custom tools and scripts to automate testing and exploitation processes.
  • Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
  • Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
  • ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
  • ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.

Vulnerability Assessment

  • Perform thorough vulnerability assessments to identify and prioritize security weaknesses.
  • Utilize industry-standard tools such as Qualys, Nessus or Nexpose and methodologies to uncover vulnerabilities in various environments.
  • Provide actionable recommendations for remediation and mitigation strategies.
  • Patch management

Threat Modeling And Risk Assessment

  • Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities
  • Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities
  • Provide recommendations for remediation and mitigation strategies

Incident Response And Crisis Management

  • Participate in security incident response and crisis management efforts as needed
  • Collaborate with incident response teams to contain and remediate security incidents
  • Provide technical expertise and guidance during incident response efforts

Security Research And Development

  • Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly
  • Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies
  • Participate in security research and development efforts to identify and develop new testing techniques and methodologies

Collaboration And Communication

  • Collaborate with development teams to implement security patches and fixes
  • Provide technical guidance and support to development teams on security-related issues
  • Communicate complex technical information to non-technical stakeholders in a clear and concise manner

Reporting And Documentation

  • Develop and maintain detailed reports on findings, including vulnerability assessments, penetration testing results, and recommendations for remediation
  • Document testing methodologies, tools, and results in a clear and concise manner
  • Maintain accurate and up-to-date records of testing activities and results

Mandatory Requirements

  • Bachelor's degree in Computer Science, Information Assurance, or a related field
  • OSCP, CEH, or other relevant certifications
  • 5+ years of experience in penetration testing, vulnerability assessment, or a related field
  • Strong understanding of networking protocols, operating systems, and applications
  • Proficiency in programming languages such as Python, C++, or Java
  • Experience with penetration testing frameworks and tools such as Nmap, Nessus, Burp Suite, or Metasploit
  • Strong analytical and problem-solving skills
  • Excellent communication and reporting skills
  • Ability to work independently and as part of a team
  • Strong attention to detail and ability to maintain accurate records
  • Ability to work in a fast-paced environment with tight deadlines

Preferred Additional Requirements

  • Experience with cloud-based technologies and cloud security
  • Familiarity with Agile development methodologies
  • Strong understanding of compliance and regulatory requirements (e.g., GDPR, PCI-DSS)
  • Experience with security orchestration, automation, and response (SOAR) tools
  • Familiarity with threat intelligence and threat hunting

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Piping Engineer

Rely, Abu Dhabi
29 minutes ago
Job DescriptionWe are currently seeking Piping Engineers, you will be operationally reporting to the Piping Lead Engineer and functionally to Piping-HOD, based in Abu Dhabi, UAE.About The RoleYour main missions and responsibilities will be to:Technical management of the piping personnel under his responsibilities. Provide guidance to all team members with proper work distribution.Coordination activities with specialists engineers like stress and...

GCC Healthcare Technological and MEP Systems - Program and Proposal Engineer

RINA, Abu Dhabi
5 hours ago
RINA is currently recruiting for a GCC Healthcare Technological and MEP Systems - Program and Proposal Engineer to join its office in Abu Dhabi within the Italy Infrastructure & Mobility Division.MissionJob Description: Senior Healthcare Technological and MEP Systems Program and Proposal EngineerLocation: Abu Dhabi, UAEDepartment: Infrastructure & Mobility Business UnitPosition OverviewRINA Consulting is seeking a highly experienced and driven Senior...

Director- GM Sales - PCG

First Abu Dhabi Bank (FAB), Abu Dhabi
5 hours ago
Company DescriptionJoin UAE’s largest bank and one of the world’s largest and safest financial institutions. Our focus is to create value for our employees, customers, shareholders and communities to grow through differentiation, agility and innovation. We are looking for top talent and your success is our success. Accelerate your growth as you help us reach our goals and advance your...