The Arab Potash Company (APC) is looking for a motivated and passionate candidate to be part of the information security team. He/She will be responsible for supporting the day-to-day operations and configurations of information security systems used by APC, including responsibility for tests to assess the effectiveness of information security systems, and subsequently working on overcoming emerging vulnerabilities. The successful candidate will also be responsible for controlling users' access and following up on misuse. He/She will ensure proper information security levels and protect assets, solutions, and operating systems from security threats.
Conduct cybersecurity assessments against network and infrastructure and build strategies and a remediation roadmap.
Perform analysis focused on computer operating system logs, vulnerability scans, trace data, firewall and server logs, and other available information.
Perform threat management, threat modelling, and identify threat vectors and develop use cases for security monitoring.
Perform infrastructure penetration testing and vulnerability assessments.
Define and verify the appropriate security controls and countermeasures.
Participate in the selection, evaluation, implementation, and management of all security systems, such as firewalls, enterprise antivirus, intrusion detection, remote access, engineering of servers, feeds, application protection, and encryption.
Support the introduction and improvement of cyber security initiatives and requirements in line with current best practices.
Provide administrator responsibilities for security tools and systems where required.
Follow up and investigate system misuse and information leakage, and report and discuss such issues with the relevant parties to take the proper preventive measures for the future.
Analyze operational logs and events to find the root cause of security-related offences and identify potential security events.
Monitor the logs generated by SIEM, NGFWs, WAF, etc., validate whether they are legitimate or false positives, and take appropriate action accordingly.
Research the latest cyber security solutions and lead and manage their implementation at APC.
Perform other duties as required.
5 years of experience in network and information security.
Professional security certification is a must (CCNP, SSCP, CISSP, CCIE, GIAC, CIHE, CEH or CPTE, Security+, IPS/IDS, etc.).
Bachelor’s degree in Computer Science, Computer Engineering, Information Security, or similar major
Solid analytical skills
Knowledge in security testing tools
Experience in configuring and hardening Cisco Routers, Firewalls, VOIP solutions
Experience in configuring and hardening Microsoft O365 and Windows OS
Deep knowledge in Security concepts & Analysis skills.
Experience in WAF solutions for WEB & APP.
Strong understanding and knowledge in networking systems and network protocols with experience in configuration of routers and switches.
Knowledge of TCP/IP communications and how industrial protocols and applications work at the network level, including DNS, HTTP, and SMB.
Experience with VPN, SSL, and other encryption methodologies.
Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies.