Job Description

Profile Requirements (Real-time monitoring for security threats and incidents):

Bachelor's Degree information security, cyber security, network security or computer science.

Flexibility to work in shifts, and during public and official holidays.

Minimum 1 years of experience in SOC.

Good understanding and interest in cyber security including, but not limited to SIEM, A/V, Internet content filtering/reporting, malware prevention, Firewalls, IDS & IPS, Web security, and anti-spam. Please refer table in RFP requirement section for more details

Knowledge of how Security operation center works and its core functions.

Basic understanding of technologies used in Telecom environment.

Basic scripting skills for task automation

Knowledge of networking TCP/IP and troubleshooting

Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

Knowledge of security concepts such as cyber-attacks techniques, threat vectors, risk management and incident management.

Understanding of IT and Enterprise network architectures, protocols, and technologies especially within Telecom Operators.

Knowledge and understanding of SOC technologies like SIEM, EDR, NDR, DDoS protection system and brand protection.

Knowledge and understanding of new technologies and solutions from a cybersecurity perspective.

Knowledge of the components of a network attack and their relationship to threats and vulnerabilities.

Knowledge of the common network layer attack vectors.

Knowledge of Windows and Linux ports and services.

Knowledge of network protocols and operating systems.

Knowledge of how to use network analysis tools to identify vulnerabilities.

Requirements

Work as level 1 team member in a 24/7 shifts.

Monitor security events received through SIEM, XDR and other security tools.

Ensure incident monitoring, identification, assessment, analysis, and escalation to L2

Carry out limited incident response to end users for low complexity security incidents.

Ensure proper tasks and incidents handover to the next shift team.

Participate actively in the resolution of incidents, even after they are escalated.

Provide timely detection, identification and alerting of possible attacks and anomalous activities.

Provide summary reports of network events, incidents, and other cybersecurity-relevant activities in line with organizational policies and requirements.

Uses data collected from cyber defense tools to analyze events to detect and mitigate cyber threats.

Improve security control effectiveness by reporting false positive alerts to L2 team for tunning and optimization.

Monitor cyber threat intelligence feeds and report related threats to stakeholders.

Monitor and protect Omantel digital brand and report potential threats and abuses.

Provide relevant updates on security incidents, trends, analysis, response resolutions and any other relevant information required.

Monitors security controls availability and health check and report any issues.

Initial response to detected internal or external threats and incidents - execute incident response playbooks, document incident response actions in a ticketing system, and use SIEM and other security tools for analysis.

Incident triage, documentation, and escalation of appropriate incidents to cyber security incident handlers

Help contribute to continued service improvement for security incident and case management.

Actively investigate the latest security vulnerabilities, threats, intelligence, advisories, incidents, and penetration techniques and apply the knowledge to improve Omantel CDC.

Number of Positions- 8

Immediate joiners preferred.

Candidates currently present in Oman are requested to apply.