Cyber Security Analyst

Location: Egypt
Job type: Permanent
Job ref: 32546
Published: about 1 month ago

Start: ASAP

Location: Remote (Egypt)

Role: Permanent

Qualifications for the Role:

  • Bachelor's degree in computer science, Information Security, or related field.

  • The candidate must have extensive experience in incident handling and reporting (at least 3 years in a similar role).

  • Professional certifications related to incident response are preferred.

  • Strong analytical and problem-solving skills.

  • Knowledge of network security zones, firewall configurations and IDS policies.

  • Knowledge of systems communications from Layer 1 to 7.

  • Experience with Systems Administration, Middleware, and Application Administration.

  • Experience with Network and Network Security tools administration.

  • In-depth experience with log search tools and usage of regular expressions.

  • In-depth knowledge of packet capture and analysis.

  • Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat).

  • Ability to create a containment strategy and execute it.

What We Are Looking For

  • Robust knowledge of Cybersecurity regulations, standards and controls.

  • Fluent in cyber incident detection, response and management.

  • Strong understanding of ICT, including Hardware, Software and Networks.

  • Expertise in preparing and analyzing Cybersecurity reports.

  • Experience in ICT / Cybersecurity Audit / Compliance / Regulatory discussions.

  • Professional certification: Security+, CCNA or CCNP – NSE4A.

  • A collaborative team player who fosters a culture of continuous improvement and empowers team members to achieve their best.

  • An individual with a strong commitment to quality, accountability, and ethical practices in project and change management.

  • A candidate with a passion for mentoring and developing talent within the information and cyber security management functions.

  • Fluency in Arabic is preferred.

What You Will Be Doing in the Role

  • Investigate escalated security incidents.

  • Check for false positives and duplicates.

  • Provide communication and escalation throughout the incident per the CSIRT guidelines.

  • Communicate directly with data asset owners and business response plan owners during high-severity incidents.

  • Hunt for suspicious or anomalous activity based on alerts or data outputs from various toolsets.

  • Analyze log files to collect additional contextual information in order to triage the security threat.

  • Perform forensic analysis and investigation.

  • Drive the containment strategy during data loss or breach events.

  • Triage and resolve advanced attack vectors such as botnets and advanced persistent threats (APTs).

  • Work directly with data asset owners and business response plan owners during high-severity incidents.

  • Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.

  • Collect contextual information and pursue technical root cause analysis and attack method analysis.

  • Determine whether an alert should be treated as a security incident and assign it a severity level.