Role Purpose
The IT Security Operations Analyst is responsible for managing the security of IT infrastructure, endpoint devices, user identities, access rights and data protection. They implement security and data protection measures, monitor for threats, respond to security incidents, manage user identities and access rights, and ensure compliance with Saudi data protection and cybersecurity regulations.
Key Responsibilities / Accountabilities
- Implement and manage security controls for ASMO's IT infrastructure including cloud workloads and endpoint devices.
- Monitor security systems and tools to detect and respond to security incidents and vulnerabilities.
- Ensure that any unauthorized access, misuse, modification or denial of a network resource or the network itself is detected and prevented.
- Configure and maintain the virtual private network, firewalls, web content filtering and email security
- Configure network intrusion detection and prevention. Set up and monitor sandboxing solutions.
- Implement zoning and configure the network for proactive monitoring
- Work with different technical teams to implement a stable, secure and optimized endpoint environment for employees.
- Ensure mobile devices used to access corporate data and applications are protected by Mobile Device Management (MDM) solutions. Report endpoint compliance to security leadership
- Conduct vulnerability assessments and penetration testing to identify and remediate security risks.
- Collaborate with cross-functional teams to ensure compliance with security policies, standards, and regulations.
- Work with SOC team to investigate and respond to security incidents, including conducting root cause analysis and implementing corrective actions.
- Develop and maintain documentation related to security configurations, procedures, and incident response plans.
- Stay updated on emerging threats and vulnerabilities and recommend security enhancements
- Design, implement, and maintain identity and access management systems and processes.
- Manage user provisioning, deprovisioning, and access request workflows.
- Enforce access controls, authentication mechanisms, and role-based access policies.
- Operate identity related systems including Privileged Access Management, Multi-factor Authentication, NAC authorization and Identity Management
- Develop the architecture, design and standards of Identity Governance infrastructures including Active Directory, SAML, ADFS, Azure, Enterprise Authentication, Single Sign-on and Provisioning systems.
- Develop and implement data protection measures, including encryption, data loss prevention and data classification.
- Enforce usage of data classification and labeling tools
- Generate reports that indicate the level of compliance and effective protection of data
- Conduct periodic access reviews and audits to ensure compliance with data protection regulations.
- Collaborate with business units to define access requirements and implement appropriate access controls.
- Provide user training and support on IDAM systems and data protection best practices.
Knowledge & Experience
Bachelor's degree in computer science, information technology, or equivalent from a recognized and accredited university is required
Master's degree in computer science, information technology or equivalent from a recognized and accredited university is preferred
Certifications in information security (e.g., CISSP, CISM, CIAM, CISA, CompTIA Security+) preferred
Language Skills
Demonstrated proficiency in oral and written English
5 years' experience in the same field.
Experience in Infrastructure, Network, Endpoint, Cloud and Container Security
Endpoint and Network Security
Incident Response
Cloud and Container Security
Communication skills
Analytical and Problem Solving skills
Knowledge of Identity and Access Management
Knowledge of Data protection measures and controls
Analytical skills
Deadline is one month from posting.