Cyber Security Analyst

Job description / Role

Primary responsibilities of this role are to implement, support, monitor, enhance, and operate ADSS Information Security/IT Security Solutions and Systems. Ensuring that ADSS systems, processes and people are effectively adhered to relevant Information Security Policies is part of the key activities of this role.

Primary Responsibilities:
• Evaluate, Implement, configure and administer security tools/solutions to address security threats.
• Day to day administration of Information Security Solutions and Systems, including Firewalls, IPS/IDS, Web and Email Content filtering, Access Control Systems, and Data Leakage Prevention etc.
• Follow up and ensure the installation and updating of security related software on PCs and Servers, including Antivirus, Data Leakage Prevention, and Network Admission Control etc.
• Deploy and Administer Proxy/Reverse Proxy technologies/tools/solutions to ensure appropriate security of ADSS network and systems.
• Administer and configure the Centralized Security logging and monitoring solution (SIEM)
• Evaluate and coordinate the installation of security patches and related processes.
• Design/Implement and maintain the remote access solutions/architecture for ADSS to ensure security of its information and systems.
• Install, maintain and fine-tune the host/network Intrusion Prevention/Detection Systems for the HQ site and other remote locations
• Implement, Administer and Maintain the Dual factor authentication solution and token life cycle management.
• Continuously monitor and respond to all security events/logs of all relevant ADSS systems and devices, including Load Balancers, Network/Security Devices, Trading Platform Servers, Active Directory Servers, and other Windows/Linux systems
• Categorize and prioritize the events and ensure the timely escalation and reporting to the Information Security Manager.
• Monitor, analyze and escalate logs/events/alerts from Data Leakage Prevention solutions and fine-tune it to ensure effective usage of the solution for business benefits and to reduce false positives and false negatives.
• Deploy and administer the VPN, SSL, SSH, SFTP, PKI solutions and other relevant technologies for the secure data transmission.
• Implement and administer Security tools and components associated with information exchange between ADSS and other financial institutions.
• Implement and Maintain the mobile device management security solutions
• Install and Manage any other security solutions and tools as necessary and relevant
• Based on provided guidelines carry out ongoing review of access rights of all ADSS systems based on the approved baselines and actual rights on the systems.
• Carry out regular vulnerability scanning of all ADSS systems and co-ordinate for the closure of gaps identified. Conduct penetration testing where applicable.
• Assist the Information Security Manager for conducting security risk assessment/impact assessments of IT or Business related changes
• Any other duties assigned by the Line Manager.

Requirements

Education and Experience:

• Graduation in any discipline, ideally IT, Computer Science or Telecommunication
• Overall 7 years of IT experience is required, in which 3 to 5 years of experience must be in IT Security/Network Security/Information Security domain
• Experience should include security monitoring; log reviewing, network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
• Experience in SIEM (Security Incident and Event Management) tools like RSA Envision, Arc Sight, Log logic, Nitro Security etc. is preferable.
• Experience with some or all of the vulnerability scanning tools and methods such as IBM AppScan, HP Webinspect, Accunetix, Eeye retina, NCircle, NMap, Nessus, NTO Spider, Burp suite Pro etc.
• MCSE, CCNA, CCNP, RHSE, CHFI, CISSP, GIAC, or other security certifications are strong advantage to the right candidate.
• Experience in SIEM (Security Incident and Event Management) tools like RSA Envision, Arc Sight, Log logic, etc. is preferable.
• Information Security in general, Network/IT Security specific.
• Strong understanding in TCP/IP and Network technologies and protocols, including TCP/IP, DNS, DHCP, SFTP, SMTP, IPsec etc.
• Thorough understanding and experience in various operating systems including Windows, UNIX, Apple etc.
• Working experience in some or all of the Security tools, devices, solutions including Cisco, Forti-Gate, Juniper firewalls, VPN devices, IPS/IDS, TMG, F5, Barracuda, and Citrix etc.
• Knowledge and experience in any one of the Data Leakage Prevention Solutions like Digital Guardian, Web Sense, RSA or Symantec Vontu etc. will be a definite advantage.
• Thorough knowledge and Working experience in any of the Dual Factor Authentication Solutions like RSA, Vasco, or Duo Security etc.
• Strong understanding and good working experience on monitoring and responding logs and events from Anti-virus/Anti-malware solutions, web/email content filtering solutions, data leakage prevention solutions etc.

About the Company

Abu Dhabi-based ADS Securities provides sophisticated forex, bullion and commodities trading solutions to institutional and professional investors.

Current clients include global and regional hedge funds, central banks, asset managers, market-using banks, other non-bank financial institutions and qualified trading professionals.

ADS Securities is the fastest growing Middle East based trading platform which brings together excellence in technology, world class liquidity and international standards of service to provide traders with exceptional spreads and prices.

Located in a stable and resilient marketplace, with a high level of capitalisation, ADS Securities is developing a new and dynamic forex market. Leveraging its relationships with tier 1 primary brokers and liquidity provides and by bringing in regional liquidity, ADS Securities is extending the trading hours of the major markets – bridging liquidity flows from the far-east to Europe, maintaining spreads and prices for 24/7 investors.