Description:
This is a full-time on-site role for a "Systems Security Analyst" at Rasen Horses in Doha, Qatar.
As a Systems Security Analyst, you will play a pivotal role in ensuring the security posture of our systems through rigorous analysis and examine our cybersecurity systems. Leveraging frameworks such as NIST, MITRE, and CISA's cybersecurity mission, you will be responsible for integrating security practices within our development and operations processes. This role requires a deep understanding of systems security principles, as well as the ability to collaborate effectively with cross-functional teams to mitigate risks and enhance our overall security posture.
Responsibilities & Core Tasks:
- Design and develop enterprise security architectures, strategies, and roadmaps to ensure the confidentiality, integrity, and availability of systems and data.
- Evaluate and recommend security technologies, tools, and products offers and tenders related to security systems solutions : EDR/XDR/NDR ,IDS/IPS, Firewalls, SIEM, Sandboxing, NAC's both for (Hardware & Software) to meet business requirements and mitigate security risks.
- Analyze and report organizational and system security posture trends using frameworks like NIST, MITRE ATT&CK, OWASP and CISA's guidelines.
- Apply security policies and assess access controls based on principles of least privilege and need-to-know.
- Develop a set of security controls base on Zero-Trust to mitigate the risks identified in this could include implementing security software and improving physical security measures.
- Monitor security systems for incidents and vulnerabilities and respond to security incidents.
- Assess configuration management processes and the effectiveness of security controls.
- Identify all the assets that need protection and Conduct a comprehensive assessment of all possible vulnerabilities so to Develop a set of security controls to mitigate the risks and Develop a detailed plan to address all identified risks and vulnerabilities.
- Ensure all systems security operations and maintenance activities are properly documented and updated.
- Developing mechanisms for analyzing and processing information on cyber threats from various sources, and providing information about the actors, their plans, methods, techniques, and IOC's associated with them.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Collaborate with development and operations teams to integrate security measures into the development lifecycle.
- Conduct automated and manual security testing DevSecOps to identify vulnerabilities and ensure compliance with security standards.
- Provide training and support to teams on security best practices and tools.
Qualifications
- Analytical Skills including the ability to analyze network and systems security.
- 3+ years of experience in cybersecurity, systems analysis, Systems Integration & Infrastructure Design.
- Comprehensive knowledge of security frameworks such as NIST, MITRE, and CISA's cybersecurity guidelines.
- Comprehensive knowledge of Threat Intelligence and Threat Hunting Platforms.
- Familiarity with DevOps Automation and SIEM/SOC tools Splunk, Qradar, Elasticsearch, Tenable Nessus, Crowd strike, or similar services .
- Excellent Knowledge on EDR/XDR/NDR solutions .
- Relevant security certifications such as CC, CISSP,CASP+, Cysa+,Security+,eJPT OSEP,CRTP are a plus .
- Auditing and Compliance Certifications such as CISA, PCI-ISA, and PCIP are a plus.