Information Security IR Analyst

The Hague, South Holland, Netherlands - Hybrid 

Who we are:

Aramco is a world leader in integrated energy and chemicals. Our offices in Europe support a wide range of activities from facilitating the safe and reliable delivery of energy to customers around the globe, to pushing for breakthroughs in research and innovation.

Aramco overseas company in Europe has its headquarters in The Hague, with offices across the continent. For over 60 years now, we have supported Aramco with a wide range of activities from facilitating safe and reliable delivery of energy to customers around the globe, to pushing for breakthroughs in research and innovation.

The team is responsible for protecting Aramco Overseas Company from threats and comply with the specific regulations and laws, so it can continue to provide uninterrupted services to Saudi Aramco, the mother company. The team is responsible for processes such as Governance, Risk Management & Compliance and IT Business Continuity. Ensuring that organizational activities, like managing IT operations, are aligned in a way that supports the organization’s business goals.
 

Duties and Responsibilities:

•    Performs incident analysis for escalated incidents L2 or L3
•    Ensures adequate incident mitigation times
•    Resolving complex problems and incidents by developing innovative solutions
•    Keeps the appropriate parties informed of progress on the problem resolution
•    Coordinates technical work with other departments and functions
•    Stays current on technologies supporting SOC operations and ensures familiarity with new technologies
•    Initiates mitigation action where required within scope of knowledge
•    Implements incident countermeasures in coordination with other internal groups as necessary
•    Tracks security incidents to resolution
•    Assists with incident escalation flow and ticket system integration processes
•    Assists the AOC incident response team with incident management in accordance with documented policy and procedures

Preferred Experience and Qualifications:

•    Bachelor’s degree program in a technical field such as Computer science, Management Information Technology (MIS),
•    Engineering, and Mathematics is strongly preferred
•    Five (5) year’s work experience in computing environment or Data Networking fields
•    Experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security
•    Incident Response Center (CSIRC) or a Security Operations Center (SOC)
•    Experience with SIEM, SOAR, EDR and other security tools
•    Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning
•    tools, network and host based
•    Experience with a variety of operating system experience, Windows/Linux/Unix in a functional capacity
•    Advanced knowledge of general IT infrastructure systems or cloud services and how they work (Microsoft 365, VMware, etc.)
•    Ability to analyze logs and other related data from varied systems to identify signs of a breach or security incident
•    Ability to quickly respond and adjust to changing priorities along with the ability to manage multiple tasks concurrently
•    Knowledge of and demonstrate ability to proactively research and address emerging cybersecurity threats and issues
•    Must be able to communicate and comprehend accurately, clearly and concisely in English at a level required to perform the job as
•    outlined
•    Must possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard
•    business etiquette
•    Must exemplify strong analytical skills, consensus building and strong collaboration skills are crucial