Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources
Correlate and analyze events using SIEM tools to detect security incidents
Create, Follow and Present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents
Respond to inbound requests via phone and other electronic means for technical assistance with managed services
Respond in a timely manner (within documented SLA) to support, investigate, and other cases
Document actions in cases to effectively communicate information internally and to customers
Resolve problems independently and understand escalation procedure
Maintain a high degree of awareness of current threat landscape and Cybersecurity intelligence
Spread the Cybersecurity Intelligence across the team of Analysts and engage in threat hunting activities
Lead delivery, and support others in the delivery, of knowledge sharing with Analysts and writing technical articles for Internal Knowledge Bases, Blog Posts and Reports as requested
Perform other essential duties as assigned
Candidate in this position must be able to work in rotating shifts within a 24/7 operating environment
Analysis of log files, includes forensic analysis of system resource access.
Create, Follow and Present customer reports to ensure quality, accuracy, and value to clients
Creation of new Content (Use Cases, Queries, Reports) within the SIEM Platform
Education and Training of other Analysts in use and operation of SIEM Platform
On-site work with clients as required
Engage with client Incident Response team as required
Generate Cybersecurity Threat Intelligence reports
Able to work in rotating shifts within a 24/7 operating environment
Your Qualifications
Bachelor's/Master's Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree
An active interest and passion in Cybersecurity, incident detection, network, and systems security
A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
Demonstrable experience of analyzing and interpreting system, security, and application logs
Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce
Experience in using Splunk as an Analyst for Threat and Incident Detection is required
Experience with ArcSight, Envison, LogRhythm, QRadar, NitroSecurity is preferable but not mandatory
Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques
Solid understanding of TCP/IP and network concepts and principles
Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
Professional certificates are highly preferred (e.g. CCIE, OSCP, Security+, CySA+, CISSP, GISF, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFEetc.)
An experienced Analyst who aspires to be a Leader, and is committed to learning the principles of Leadership and the role of a Leader
Outstanding Organizational Skills
Exclusive focus and vast experience in IT
Very good communication skills
Strong analytical and problem-solving skills
A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
Strong written and verbal skills
Strong interpersonal skills with the ability to collaborate well with others
Ability to speak and write in English is required Ability to speak and write in both English and Arabic is preferred
Well-versed in developing Content for SIEM (creating, fine tuning) use cases and rules.
Experience with automation tools (e.g. SOAR) is preferred
JOB TYPE
Permanent Job
INDUSTRY
IT / Computers - Software
FUNCTION
IT
ROLES
Security Analyst
SKILLS
SENIOR SECURITY ANALYST
ملحوظة هامة:
وظايف نت ليست شركة توظيف وانما موقع للاعلان عن الوظائف الخالية المتاحة يوميا فى أغلب الشركات بالشرق الاوسط
,فنرجو توخى الحذر خاصة عند دفع اى مبالغ او فيزا او اى عمولات. والموقع غير مسؤول عن اى تعاملات تحدث من خلال الوظائف المعلنة.
