Job Description

Conducting risk assessments, and implementing security controls. This position involves identifying and mitigating
security risks, investigating security incidents, and providing support for security-related projects and initiatives.

Plays a key role in safeguarding the organization's information assets by monitoring and analyzing security events,

Contribute to the planning and organizing of the work with team members to support timely achievement of unit
objectives in line with quality standards.
Ensure that all the assigned work to them is conducted in an efficient manner, which is consistent with the
organization’s procedures and policy.
Provide constructive feedback to the team members to support their overall development.
Promote the organization’s values and ethics in all activities within the team to support the establishment of a value
drive culture within the organization.
Policies, Systems, Processes & Procedures
Provide input and implement policies, systems, and procedures for the assigned team so that all relevant procedural
requirements are fulfilled.
Contribute to the development, implementation, and enforcement of policies and procedures, while monitoring
compliance with established standards and regulations to enhance overall information security posture.
Security Monitoring and Analysis:
Monitor security events and alerts using security information and event management (SIEM) tools.
Analyze security logs and data to identify potential security incidents or anomalies.
Investigate security alerts and assess their severity and impact on the organization.
Vulnerability Management:
Conduct vulnerability scans and assessments to identify security weaknesses in systems and networks.
Prioritize and remediate vulnerabilities based on risk and potential impact.
Track and report on the status of vulnerability remediation efforts.
Incident Response and Investigation:
Assist in responding to security incidents, including containment, investigation, and resolution.

Work closely with other IT teams and stakeholders to coordinate incident response efforts.
Security Risk Assessment:
Assist in conducting security risk assessments to identify and prioritize security risks.
Participate in risk mitigation activities and recommend security controls and countermeasures.
Maintain risk assessment documentation and track risk mitigation efforts.
Security Awareness and Training:
Support security awareness programs to educate employees about security threats and best practices.
Provide training and guidance to staff on security-related policies and procedures.
Assist in the development of security training materials and resources.
Security Tools and Technologies:
Assist in the management and maintenance of security tools and technologies, such as firewalls, IDS/IPS, and
antivirus systems.
Evaluate and recommend new security tools and technologies to enhance security posture.
Documentation and Reporting:
Maintain documentation of security processes, procedures, and configurations.
Prepare and deliver security reports and metrics to management and stakeholders.
Assist in regulatory compliance efforts by providing documentation and evidence as needed.
Risk and Business Continuity Management
Contribute to the effective implementation of corporate policies, procedures, and processes to promote a culture
focusing on the achievement of world-class standards in risk management, QHSE, and business continuity in line with
regulatory requirements.Document incident response activities and findings for further analysis and improvement.