Perform real-time threat monitoring and response activities to deliver complete Security Information and Event Management (SIEM) services across a wide range of on-premises and cloud security services.
Apply analytical, reasoning and specialized technical expertise to investigate, identify, correlate and escalate security incidents and network anomalies, and to carry out proactive and reactive reporting activities.
Conduct vulnerability assessment using the defined assessment tools & prepare the required reports.
Investigate incidents to determine root cause and follow up with the respective teams to ensure incident closure with supporting evidence.
Gather security intelligence such as new vulnerabilities and threats.
Adhere to Information Security policies, standards and processes.
Prepare daily, weekly and monthly reports and submit them to the SOC manager.
Conduct periodic assessments of on-premises and cloud infrastructure and suggest the changes necessary to enhance cyber resilience.
Be involved in security project activities.
Participate in Incident management and cyber drills.
Hunt for new threats and propose or implement automatic detections.
Participate in playbook enhancements both by process and in SOAR.
Propose or implement False-positive fine-tunings for the existing use cases.
Essentials:
Solid understanding of reviewing SIEM logs and security events from devices such as Firewall, IDS / IPS, Proxy, Antivirus, DLP, EDR, Email Security, Syslog etc.
Strong knowledge of and experience in handling and troubleshooting security incidents.
Strong understanding of IT operations: help desk, end-point management, and server management
Strong understanding of adversary motivations: cybercrime, cyber hacktivism, cyber war, cyber espionage
Strong understanding of vulnerability management, threat analysis, security auditing, security monitoring, penetration testing, incident response and other information security practices is preferred
Knowledge of generic information security standards/programs and frameworks as well as best practices
Desired Qualifications:
Bachelor’s degree in Computer Security is preferred but not mandatory.
Bachelor’s degree in Information Technology is preferred but not mandatory.
Certifications such as CySA+, Security+, CEH or ECSA are an added advantage.
SOC or IT Security experience in the banking sector is preferred but not mandatory.