Description

Cyber Security Operations Analyst

This role will support
threat monitoring, detection, event analysis, incident response/reporting, forensics, and
threat hunting activities for the Cyber Defense Center (SOC), which is a 24/7 environment.

The SOC Analyst must have relevant experience in Cybersecurity incident response and have a deeper understanding with some hands-on experience on enterprise IT infra components.

Responsibilities:
• Providing incident response/investigation and remediation support for escalated security alerts/incidents (should be flexible to work in 24*7 environment).
• Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
• Performing comprehensive computer monitoring, identifying vulnerabilities, Target mapping and profiling.
• Develop, update and maintain log baselines for all platforms.
• Conduct Threat hunting to detect complex cyber incidents in addition to the rulebased detections.
• Provides support for complex computer/network exploitation and Defense techniques to include deterring, identifying, and investigating computer and network intrusions.
• Provides technical support for forensics services to include evidence seizure, computer forensic analysis and data recovery, in support of computer crime investigation. Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends.
• Performs research into emerging threat sources and develop threat profiles. Keep updated on the latest cybersecurity threats. Provide recommendations on how to improve security posture from the technical perspective.
• Install/configure/build/finetune the SIEM tools to setup an effective information security support / operation.
• Establish KPI, review & manage security logs and provide reports based on KPI and metrics.

Required Skill Sets:
• 6+ years previous working experience in a SOC or Cyber Security Role with last 2 years in an
L2 or above role. Prior experience in detecting, analysing and investigating security incidents, threat intelligence, network forensics.
• Sound understanding of SIEM, PAM, IAM,DAM,CASB, EDR, other threat detection platforms and Incident Response tools. Has a systematic, disciplined and analytical approach to problemsolving, knowledge of current threat landscape (threat actors, APT, cybercrime, etc.)
• Has knowledge of Data Loss Prevention monitoring and audit requirements (PCI, HIPPA, SOX, etc.)
• Required Experience in administrating or monitoring detection/security tools such as SIEM / EDR / Endpoint Protection / IPS/IDS / DLP / Cloud Security (GCP. AWS, Azure) / Identity and Access Management / Firewalls and Networking.
-
Security Certifications Preferred (Including but not limited to the following certifications)
• Security Certifications Preferred (Including but not limited to the following certifications) Certified Incident Handler (GCIH),GCIA, GDAT,GMON, OSCP, CHFI,

Pay:
QAR12,000.00 - QAR15,000.00 per month

Application Deadline: 15/06/2023