Electrical Engineer - Dubai, United Arab Emirates - Wood Dubai

    Wood Dubai
    Wood Dubai Dubai, United Arab Emirates

    2 weeks ago

    Default job background
    Description
    IT Analyst- Cloud-Based Ext


    Attack Surface MgmtWorking Location:

    Mons, BelgiumSecurity Clearance:
    NATO SecretLanguage: High proficiency level in English language


    EXPERIENCE AND EDUCATION:

    Essential Qualifications/Experience:
    Bachelor's degree in Computer Science, Information Technology, or related field or equivalent experience3+ years of experience in IT security, with a focus on Security Audit and/or Security Assessment of large organizationStrong understanding of security best practices and experience with cloud-based infrastructureKnowledge of relevant NATO standards and regulationsAbility to understand and interpret the outcomes of security audit reports (NATO high side network)Experience with threat intelligence, incident response and remediation a plusKnowledge of NATO organization and its IT infrastructure is a plusCertifications such as CISSP, CISM, or CISA is a plus


    DUTIES/ROLE:
    On a daily basis, monitor and analyze EASM data to identify and respond to potential threatsConfigure and maintain the cloud-based EASM tool including the process to authorize users to access the EASM toolCollaborate with other members of the NATO Security Teams to ensure the protection of enterprise assetsEnsure remediation and mitigations recommendations are compliant with relevant NATO standards and regulationsStay current with emerging security threats and technologiesActively engage in the remediation process, follow its progress and report on it


    Deliverables:

    Daily:
    maintain a comprehensive list of all vulnerabilities being taken care of, along with their remediation or mitigation status.

    The dataset shall be updated no later than 2 working days after the notification of a change is receivedWeekly:

    deliver a comprehensive vulnerability report to the SDM and SAO, taking into account all vulnerabilities posing a security risk to the monitored organization, remediation actions recommended to the system/application owners and the status of the recommended actions.

    The weekly report is expected to be delivered each first working day of a calendar week, before Close of Business.

    No weekly report is due if that week does not include any working day (for instance:
    long official holidays such as Christmas break)

    Monthly:

    deliver vulnerability report to the SDM and SAO, with an overview of the critical/high vulnerabilities identified, the status of the recommended actions to show in a graphic way the trend of the security posture of the internet facing services.

    The monthly report is expected to be delivered within 5 working days after the last working day of the past monthYearly:

    deliver a report to the SDM and SAO, with a summary of all events and actions that occurred during the year.

    The yearly report is expected to be delivered within 15 working days after the last working day of the past year

    #J-18808-Ljbffr