Job Purpose:

Contribute to the planning, evaluation, architecture, and support of the Splunk SIEM solution and its associated processes

Contributes to the transformation of Cyber Security capability, ongoing maintenance, and any security-related projects to make sure controls are effective.

Detects, identifies, and responds to cyber events, threats, security risks, and vulnerabilities in line with cybersecurity policies and procedures.

Should effectively interact with colleagues across all functions of the company and incorporate maintaining the cybersecurity posture.

Assist the line manager to manage all security appliances (SIEM, VM, AV, FIM, IAM/PAM, DLP, etc.)

The candidate should be available on call and willing to work after office hours based on the requirements.

Performs department\'s related duties or any tasks defined by the line manager.

Key Accountabilities:

Act as an internal expert on matters relating to intrusion detection and incident response.

Lead investigations into network intrusions and other cybersecurity breaches. Provide a coordinated response to complex cyber-attacks that threaten the company\'s assets, intellectual property, and computer systems.

Strong experience with Splunk building and maintaining the Splunk infrastructure.

Developing comprehensive security write-ups that articulate security issues analysis and remediation techniques.

Investigation of security incidents to find the root cause for policy violation, malware detection, and exploit attempts.

Develop advanced queries using the Splunk Query Language or other scripting tools.

Develop Splunk custom use cases.

Develop custom rules to eliminate false-positive alerts.

Contribute to the development and improvement of security monitoring and incident response processes and other solutions as required to support our cybersecurity program.

Operate security monitoring and incident response tool sets with a focus on continuous improvement.

Entire Geidea Splunk technologies (KSA, Egypt) are maintained and managed throughout the lifecycle and ensure the 99.99% availability.

Onboard any new asset to the Splunk and ensure that all the assets are integrated with Splunk.

Research and recommend solutions for incident response and digital forensics.

Help the IT team on implementing Information Security controls as needed.

Professional Certifications

Splunk Enterprise Certified Admin

Splunk Fundamentals

\xe2\x80\x8bCompTIA Security+

Certified Ethical Hacker - CEH

Cisco Certified Network Associate - Security

Cisco Certified Network Professional

Required Education

Bachelor\'s degree in Computer Science, Information Technology, Telecommunications, Electronics & Electrical or any related field.

Required Work Experience

Minimum 3 years experience.

Required Skills/Competency

In-depth knowledge of Splunk Architecture

Malware Analysis

Cybersecurity Incident Response

Cyber Threat Intelligence (CTI)

IAM/PAM, VM, and DLP

Geidea