Job Description

Location: Dubai


This role follows a rotating shift schedule as part of 24/7 SOC operations.


In this role, you will be responsible for onboarding new applications, developing security rules, creating reports, and optimizing alerting & monitoring within the FortiSIEM and FortiSOAR platforms. The ideal candidate should have a strong understanding of SIEM and SOAR technologies, particularly FortiSIEM and FortiSOAR, with the ability to design and implement security monitoring and automation solutions.

Key Responsibilities

FortiSIEM Responsibilities

? Application Onboarding

Integrate & configure security data sources in FortiSIEM. Troubleshoot data ingestion & log collection issues.

? Rule Development & Customization

Design & fine-tune correlation rules for threat detection. Develop & update custom SIEM rules.

? Use Case Development

Implement use cases for Intrusion Detection, Anomalous Activity & Threat Hunting. Translate business processes into actionable SIEM use cases.

? Alerting & Monitoring

Configure real-time security alerts & automated responses. Monitor SIEM system health & performance.

? Reporting & Dashboards

Design custom dashboards & reports. Generate trend analysis for vulnerabilities & threats.

? Security Incident Response

Assist in investigating & mitigating security incidents. Utilize FortiSIEM reports for threat detection.

? Continuous Improvement

Stay updated on emerging threats & SIEM enhancements. Improve SIEM efficiency, automation & response strategies.

FortiSOAR Responsibilities

? SOAR Implementation & Playbooks

Design, deploy, and optimize FortiSOAR automation workflows. Build custom connectors & playbooks for security tool integration.

? Incident Response Automation

Configure triage & auto-remediation workflows. Enhance alert prioritization & reduce false positives.

? Infrastructure & System Management

Manage FortiSOAR in on-prem & cloud environments. Set up dashboards, reports, and incident war rooms.

? Threat Detection & Response

Automate threat intelligence ingestion & correlation. Utilize Jinja filters & automation functions.

? Client Support & Pre-Sales

Provide technical training & expertise to security teams. Assist in pre-sales & business development.

? Service Delivery & Documentation

Maintain SLAs, KPIs, and workflow documentation. Support 24x7 on-call security escalations.

Required Skills & Experience

? Technical Skills

Strong hands-on experience with

FortiSIEM and FortiSOAR

(configuration, deployment, and optimization). Expertise in

log aggregation, event correlation, and SIEM alerting mechanisms.

Experience with

playbook development and security automation using SOAR.

Knowledge of

network security, threat intelligence, and intrusion detection systems (IDS/IPS).

Proficiency in

scripting & automation (Python, Bash, PowerShell, KQL, GO, Jinja).

Understanding of

cloud-based and hybrid environments

and their integration with SIEM/SOAR solutions.

? Security Knowledge

Familiarity with

cybersecurity frameworks (NIST, ISO 27001, MITRE ATT&CK, etc.).

Understanding of

firewalls, endpoint detection & response (EDR), and other security tools.

Experience with

SIEM platforms

such as

Splunk, Microsoft Sentinel, QRadar, and Securonix

is preferred.

? Soft Skills

Strong

problem-solving and troubleshooting

abilities. Excellent

communication skills

to collaborate with technical & non-technical teams. Ability to work in a

fast-paced, dynamic environment

with tight deadlines. Should be ready to work in shifts/ weekends.

Preferred Certifications

NSE 6 FortiSOAR Administrator

NSE 7 FortiSOAR Design and Development (Architect)

Fortinet NSE Certification (FortiSIEM/FortiSOAR specific)

ISC2 Certified Information Systems Security Professional (CISSP)

Certified Ethical Hacker (CEH)

CompTIA Security+

Certified Information Security Manager (CISM)

ITIL Accreditation

(Preferred)

How to Apply

Send your resume to:

career@qpointme.com


Applicants should send an email with the subject

"SOC Analyst Application - FortiSIEM & FortiSOAR Experience."