SOC Specialist (Vendor)

Irancell, Tehran

Posted more than a month ago

Job Description

*Mission
· Continually improve SOC and CSIRT processes and solutions.

· Provide visibility on network and systems activities from a security point of view.

· Effectively respond to all security incidents from detection through resolution, and ensure that all types of security incidents can be detected and responded to.

Roles & Responsibilities
· Ensure continuity of 24x7/365 security services across the company while overseeing security event monitoring, management, and response.

· Perform ongoing review and tuning of SIEM scenarios to detect new and additional threats and to improve detection quality.

· Ensure incident identification, assessment, quantification, reporting, communication, and mitigation while confirming SLA compliance, process adherence, and process improvement to achieve operational objectives.

· Ensure daily management, administration, and maintenance of security devices under the purview of the SOC which consists of state-of-the-art technologies.

· Perform threat hunting, threat management, and threat modeling, identify threat vectors, and develop use cases for security monitoring.

· Oversee the integration of standard and non-standard logs into the SIEM, and review/revise the processes to strengthen Security Operations.

· Gather evidence, evaluate risk, and deliver a response plan to contain and remove security threats as quickly and safely as possible.

· Verify discovered vulnerabilities according to defined metrics; correlate and collate the information; apply treatment and hardening; and create intelligence reports that communicate the results of the analyses to management and related stakeholders.

· Build and maintain positive working relationships with stakeholders including cooperating with CRA and FATA Police to meet their requirements.

· Define, develop, and review key security performance indicators that ensure service delivery and service improvements.

· Implement and continually improve Digital Forensics capability, tools, and processes.

· Develop and revise processes to strengthen the current Security Operations framework, review policies, and highlight the challenges.

· Educate ITS/NWG/ICS on the importance of security monitoring and the need for improvement in log collection.

· Expand, tune, and health check cyber defense tools and technologies (NBA, EDR, XDR, DAM, SOAR, etc.).

· Liaise with the ITS, NWG, and IFM teams to define new scenarios to detect unauthorized and malicious activities.

Job Requirements

*Education
· Bachelor’s Degree in Technology Systems (Information Technology/ Computer Engineering /Information Security) or related discipline

· Related certificates such as CEH, SANS, or CISSP are desirable

*Experience
· Minimum of 2 years of experience in SOC/CSIRT areas

· Experience working in a medium to large organization

· Experienced with log analysis tools, creating parsers, correlation rules, and managing reports and dashboards

· Experience in developing, documenting, and maintaining security procedures and playbooks
