Specialist, Incident Response
ADNOC Group
Date: 1 day ago
City: Abu Dhabi
Contract type: Full time

JOB PURPOSE:
Investigate, analyze, and respond to cybersecurity incidents. Investigate security incidents that may negatively impact ADNOC (including hacking attempts, intrusions, virus infections, mishandling of information, and other security threats), provide support during large incidents and investigations, and participate in threat hunting activities.
Define, develop, maintain and regularly test incident response processes and procedures.
Define and create use cases and scenarios to address new threats and improve security monitoring and alerting capabilities.
KEY ACCOUNTABILITIES:
- Coordinate and provide expert technical support to enterprise-wide cybersecurity technicians to resolve cyber defense incidents.
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
- Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
- Perform cybersecurity incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
- Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
- Track and document cybersecurity incidents from initial detection through final resolution.
- Perform real-time cybersecurity incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs).
- Write and publish cybersecurity techniques, guidance, and reports on incident findings to appropriate constituencies.
- Employ approved defense-in-depth principles and practices.
- Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cybersecurity incidents within the enterprise.
- Write and publish ‘after action’ reviews.
- Monitor external data sources to maintain an up-to-date understanding of current cybersecurity threats and determine which security issues may have an impact on the organization.
- Coordinate incident response functions.
- Provide expert technical support to resolve cyber defense incidents.
- Coordinate with threat intelligence analysts to correlate threat assessment data.
- Report cyber incidents to inform cyber defense.
- Identify and select most effective sources of information to assist with incident investigation.
- Develop and maintain effective business relationships with all relevant internal functions, departments and external entities such as shareholders, key government authorities, service providers, vendors and other key stakeholders, with the highest standards of business ethics, whilst promptly attending to all critical issues in order to ensure the services required by the organisation are delivered in the most effective manner.
- Provide technical expertise and guidance to conduct market analysis for new technological developments and the adaptability of relevant developments on Data Protection within the organisation, in order to help ensure that technology at ADNOC stays current.
- Lead the provision of technical expertise in developing RFPs and RFQs relevant to Enterprise Architecture; guide and advise on the preparation of tendering and contractual documentation to ensure cost-effective and quality services are obtained for ADNOC.
- Guide and participate in the negotiation of contractual terms and Service Level Agreements (SLA) ensuring protection of ADNOC’s interests and receipt of optimum level of services to facilitate IT operations.
- Plan, supervise and coordinate all activities in the assigned area to meet functional objectives.
- Train and develop the assigned staff on relevant skills to enable them to become proficient on the job and deliver the respective business objectives.
- Provide input for preparation of the Function / Division / Department / Section budgets, assist in the implementation of the approved Budget, and work plans to deliver business objectives.
- Investigate and highlight any significant variances to support effective performance and cost control.
- Implement approved Function/ Division/ Department/ Section policies, processes, systems, standards and procedures in order to support execution of the work programs in line with Company and International standards.
- Contribute to the achievement of the approved Performance Objectives for the Function/ Division / Department/ Section in line with the Company Performance framework.
- Design and implement new tools and techniques to improve the quality and efficiency of operational processes.
- Identify improvements in internal processes against best practices in pursuit of greater efficiency in line with best industry standards in order to define intelligent solutions for issues confronting the function.
- Comply with relevant HSE policies, procedures, controls, applicable legislation, and sustainability guidelines in line with international standards, best practices and ADNOC Code of Practices.
- Provide inputs to prepare MIS and progress reports for Company Management.
Internal
- Frequent contact with Senior Management of all Directorates on key issues relating to Enterprise Architecture and adoption of state-of-the-art technology in line with ADNOC’s vision.
- Regular contact with the counterparts in ADNOC Group Companies on intra-group coordination on Enterprise Architecture related issues.
- Frequent contact with Contractors/Consultants/Suppliers at managerial level on matters relating to acquisition of IT services for Enterprise Architecture.
- Technical meetings for Enterprise Architecture aspects with contractors and all other teams across ADNOC and other stakeholders.
- Occasional contacts with senior management of international oil companies for exchange of information/benchmarking/study visits and training programmes.
- Regular contacts with international IT service providers and telecommunication providers on matters related to IT services and strategic directions.
Minimum Qualification
- Bachelor’s degree in Information Technology, Computer Science, Information Security or equivalent.
- 9 years of experience in information security or related technology experience.
- CEH (Certified Ethical Hacker)
- GIAC Certified Intrusion Analyst
- GIAC Certified Incident Handler
- GIAC Certified Forensics Analyst
- Certified Computer Forensics Examiner
- Certified Reverse Engineering Analyst
- CompTIA Cybersecurity Analyst (CySA+)
- CompTIA Security+
- As per approved Competency Dictionary