Key Accountabilities:
- Develop an action plan to achieve SOC goals
- Develop and design ad-hoc report templates for SOC incidents/activities
- Participate in R&D of SOC monitoring tools
- Participate in planning of new features in SOC dashboard
- Respond proactively to all incidents / calls opened in the ticketing system
- Liaise with various business units and departments
- Support the rest of the teams within the Team on daily operational tasks whenever required
- Work side by side with SOC vendors and maintain professional conduct
- Provide input regarding improvements in detecting incidents.
- Interact and coordinate with Business units and build visibility on the security activities in relation to the area of work.
- Monitor the networks to ensure all attacks are identified proactively & reactively.
- Respond and take remedial action against identified threats in order to control damage.
- Assess and identify gaps in the current monitoring capability to make sure threats are remediated.
- Handle, respond to and escalate security incidents in a 24x7 environment through the ticketing system.
- Develop and help implement processes for detecting, identifying and analyzing security related events in coordination with the security entities.
- Communicate and develop interaction with other security operations focused bodies.
- Report on incident causes and related weaknesses and recommend remedies.
- Strong understanding of incident response procedures
- Understanding of key technologies in security operations such as Vulnerability management, DDoS Concepts, AV fine tuning, SIEM, Networking, Intrusion prevention etc.
Qualifications:
- Minimum bachelor’s degree in information security or computer networks.
- CEH, CISM, CISSP, OSCP and/or relevant product-based qualification.
Experience:
- Minimum 8 years of experience in a security operations role, with at least 2 years' experience as a Senior Incident Analyst in an MSSP.
- Triage and manage escalated security incidents end-to-end
- Perform in-depth analysis, threat hunting, and coordinate response actions
- Mentor Level 1 Analysts and support knowledge sharing
- Enhance SOC processes, content, and automation playbooks
- Ensure policy compliance and stay current on threats and vulnerabilities
- Expertise in firewalls (Palo Alto, Fortinet), IDS/IPS, VPNs, WAF, DDoS mitigation, and network protocols
- Proficient with SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, SentinelOne), vulnerability scanners (Nessus, Qualys), and cloud security (AWS, Azure, GCP)
Skills:
- Able to take personal responsibility for all issues concerning the secure operations of the networks.
- Analyze information accurately.
- Display sound judgment.
- Solve problems.
- Influence decision makers.