Job Description
● Monitor and analyze logs and events daily, to determine whether any events could constitute a genuine security incident. ● Perform security monitoring, reviewing, investigating, and reporting the events generated by the SIEM. ● Follow-ups the process of requests for the incident. ● Part of security incident response team to handle important security. incidents/alerts, investigate the root cause in collaboration with other Security teams, establish corrective controls and minimize the impact. ● Research and incorporate the latest international trends in security operation management. ● Documentation of SOC output (pentest reports, vulnerability assessment reports, and incident response reports). ● Create queries, dashboards, and visualizations to support customer requirements and monitoring of SIEM systems.
Requirements
● Sufficient knowledge about attack methods. ● Sufficient knowledge about threat modeling. ● Knowledge of security courses such as SANS 503,504,555. ● Sufficient knowledge about Network Security Concepts. ● Sufficient knowledge of SIEM tools. ● Ability to analyze raw log files and packet captures. ● Ability to understand network defense principles and common attack vectors. ● Experience with threat Hunting. ● Experience with IOC enrichment and analysis. ● Sufficient work experience in vulnerability scanning, assessment. ● Knowledge of security test standards such as SANS, etc. ● Sufficient knowledge about hardening for different types of infrastructures. ● Familiar with common standards and best practices implemented in Information Security Management and Cyber Resilience, like ISO/NIST/PCI. ● High integrity, responsibility, honesty, and professionalism. ● A demonstrated knowledge of security protocols and technologies, IT security controls associated with firewalls, email, web, endpoints, operating systems, IPS/IDS, cryptography, networks, etc.
Employment Type
- Full Time
Job Category
Seniority
Details
Employment type
- Full Time
Job Category
Seniority
