Degree Level: Bachelor's Degree

KEY ACCOUNTABILITIES

· Proven experience in leading the development, deployment, and optimization of Security Operations Centres (SOC), including SOAR implementation projects.
· Strong expertise in designing and executing custom automation scripts and playbooks to streamline security operations workflows (detection, containment, response).
· Proven ability to reduce MTTD/MTTR, improve recovery times, and automate security event handling in multi-tenant environments.
· Collaborate with cross-functional teams to integrate SOAR with existing security tools and processes.
· Develop playbooks for incident response and ensure regular testing and updates.
· Develop and maintain SOC documentation, including Standard Operating Procedures (SOPs), Service Level Agreements (SLAs), and reporting templates to support consistent and efficient operations.
· Investigate, analyse, coordinate, and report on all security events, incidents and intrusions; track incidents through analysis, correction and resolution.
· Analyse and integrate threat intelligence data in SIEM and SOAR to enhance detection capabilities and incident response.
· Leverage threat intelligence to build out and tune use cases for security monitoring and detection, and develop threat hunting tasks to detect suspicious activity.
· Stay current with emerging threats and vulnerabilities, integrating relevant intelligence into security practices.
· Create and maintain documentation for SIEM and SOAR configurations, procedures, and playbooks.
· Generate regular reports on security incidents, trends, and metrics for management review.
· Provide training and guidance to team members on SIEM and SOAR best practices.
· Document all incidents, investigations, and analysis activities accurately and thoroughly.
· Work with different IT teams to troubleshoot and resolve security-related issues and assist in configuring the logs to be forwarded from their respective systems to the SIEM solution.
· Assist the cross-functional teams in project-related activities, especially in creating/reviewing the use cases for any new/existing systems, and coordinate with vendors to add/update the use cases.
· Study vulnerabilities, identify relevant threats, recommend corrective actions and report results.
· Assist in reviewing deliverables from projects, implementation, and health check activities, and support any potential changes required to IT security monitoring plans.
· Conduct SOC Maturity Model assessments.
· Stay up to date with current tools, techniques, and vulnerabilities to incorporate into testing practices.
· Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World's Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World's Code of Conduct and Ethics policies.
· Perform other related duties as assigned.

QUALIFICATIONS, EXPERIENCE AND SKILLS

Knowledge and Experience

· Bachelor's Degree in Computer Science or equivalent.
· Should have 8-10 years of experience in IT Security with at least 6 years' experience in conducting analysis of log data in support of intrusion analysis or information security operations.
· In-depth technical and hands-on knowledge and experience across cyber security and technology domains.
· Knowledge of current cyber threats, trends, attack lifecycle, and various Tactics, Techniques, and Procedures (TTPs).
· Strong understanding of the Cyber Kill Chain, pervasive threats, attack methods and remediation.
· Strong hands-on experience with SIEM and SOAR solutions.
· Understanding of security frameworks and compliance regulations.
· Proficiency in scripting languages (e.g., Python, PowerShell, Jinja) for automation purposes.
· Excellent analytical and problem-solving skills, with the ability to communicate technical concepts to non-technical stakeholders.
· Industry recognized professional certifications: CISSP, GIAC, NSE or Microsoft Azure.
· Good understanding of e-commerce, logistics, supply chain and port operations applications will be an added advantage.
· Detailed understanding of the MITRE framework and common attack vectors.
· Experience in working with multi-tenant environments is preferable.

Soft Skills

· Excellent communication and analytical skills
· Program and project management skills
· Time management skills
· Team player and conflict management skills
· Coaching / guiding skills
· Ability to adapt in a complex environment, loves challenges, with the will and drive to learn new things on his/her own
· Cultural awareness

Technical Skills

· Experience with two or more analysis tools used in a CIRT or similar investigative environment.
· Ability to build content in SIEM and SOAR solutions.
· Ability to analyse and triage IoCs.
· Strong knowledge of automation scripts using PowerShell, Python and Jinja.
· Hands-on experience with the Azure Sentinel SIEM solution and the FortiSOAR platform is desired.
· Experience with log onboarding on a SIEM solution.
· Experience with automated playbook creation on a SOAR platform.
· Knowledge of current cyber threats, trends, attack lifecycle, and various Tactics, Techniques, and Procedures (TTPs).

#L1-AA6