Job Objective:
- Handle security monitoring and incident response, coordinating with various stakeholders to detect and respond to complex cyber-attacks, risk-based scenarios and threats
- Provide in-depth incident analysis, evaluate security incidents and prioritize them by relevance and urgency
- Create risk-related documentation, record risks and carry out risk analysis of open risks; provide recommended actions to stakeholders while focusing on security with minimal impact on operations
- Handle phishing incidents and work with IT Security Architects to create attack simulation scenarios based on real-world threats seen in the organization
- Proven experience in SIEM, EDR and SOAR technologies; manage and configure security monitoring tools, both commercial and open source
- Experience in defensive areas such as NGAV, NGFW (IPS/IDS), Web Application Firewalls and URL filtering
- Design and implement new SIEM use cases based on onboarded log sources; regularly identify and develop new use cases for the automation and optimization of security monitoring solutions
- Strong threat hunting approach and knowledge of the MITRE ATT&CK methodology; create threat hunting scenarios and use cases through research and threat intelligence analysis
- Communicate and coordinate directly and effectively with corporate users, teammates, system owners and management to ensure timely response to and resolution of incidents
- Work with IT Security Architects to identify gaps and weaknesses across the organization; experience in vulnerability assessment and the fundamentals of penetration testing
- Provide input on fine-tuning security solutions; regularly review product documentation to ensure the solutions are kept up to date and used to the best of their capabilities
- Willing to work in shifts while ensuring well-articulated documentation and comprehensive handover procedures are carried out
- Optimize incident response procedures based on evolving threats and create playbooks for first responders and the NOC
- Create dashboards for the technical team and executive dashboards for management, and present monthly SOC metrics and KPIs
- Integrate solutions with threat intelligence feeds such as MISP, STIX and TAXII, APIs etc., and connect relevant, up-to-date threat feeds
- Optimize and adhere to SOC processes and policies, the escalation matrix and SLAs
- Security in cloud platforms and implementing security monitoring in the cloud environment
- Ability to create and optimize security signatures, whitelist false positives based on granular requirements and follow a Zero Trust approach
- Experience with Microsoft Security Center, Defender ATP, O365 Security and Azure Sentinel, and knowledge of KQL (Kusto Query Language), will be a plus
- Knowledge of or experience with Palo Alto or Fortinet devices will be an added advantage
Job Details:
- Posted Date: 2021-09-25
- Job Location: Dubai, United Arab Emirates
- Job Role: Information Technology
- Company Industry: Media Production; Video & Film Production; Broadcast Media Production
Preferred Candidate:
- Career Level: Entry Level
- Degree: Bachelor's degree
UAE jobs, UAE job opportunities, jobs: SOC Analyst - Security Operations Center Analyst - MBC Group