Senior Cybersecurity Defence Analyst

flyadeal Egypt

The role is responsible for using data collected from cyber defence tools to analyse events that occur within flyadeal to detect and mitigate cyber threats, performing vulnerability & risk assessments of systems and networks, identifying where they deviate from acceptable configurations or applicable policies, measuring effectiveness of defence-in-depth architecture against known vulnerabilities, and executing cybersecurity compliance and risk assessment on F3 new systems/service in multiple phases of the project.

Key Responsibilities

• Analyse organization's cybersecurity defence policies and configurations to evaluate compliance with regulations and organizational directives.
• Correlate incident data to identify vulnerabilities.
• Carry out vulnerability scanning on systems and assets and recommend corrections for the environment.
• Use cybersecurity products and security control technologies to reduce identified risk to an acceptable level.
• Maintain a deployable cyber defence audit toolkit based on industry best practice to support cyber defence audits.
• Escalate incidents that may cause immediate or ongoing impact.
• Analyse and report on trends in the organization's security posture, systems' security posture and cyber defence trends.
• Correlate information from multiple sources to understand situation and determine the effectiveness of an observed attack.
• Perform cybersecurity reviews and identify security gaps in security architecture to inform risk mitigation strategies.
• Conduct authorized attempts to penetrate computer systems or networks and physical premises, using realistic threat techniques, to evaluate their security and detect potential vulnerabilities.
• Prepare cybersecurity assessment and audit reports that identify technical and procedural findings and include recommended remediation strategies and solutions.
• Identify indications and warnings through research, analysis, and correlation across multiple data sets.
• Assist in the construction of signatures for implementation on cybersecurity network tools to respond to new or observed threats within the environment.
• Provide summary reports of network events and other cybersecurity-relevant activities in line with organizational policies and requirements.
• Recommend cost-effective security controls to mitigate risks identified through testing and review.
• Use security testing and code scanning tools to conduct code reviews.