Job Description

Profile Requirements (Real-time monitoring for security threats and incidents):

Bachelor's Degree information security, cyber security, network security or computer science.

Flexibility to work in shifts, and during public and official holidays.

Minimum 3 years of experience in SOC

Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.

Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.

Understanding of IT and Enterprise network architectures, protocols and technologies specially within Telecom Operator

Knowledge of best practices for incident response and incident management.

Knowledge of host-based and network-based intrusion detection methodologies and techniques.

Knowledge of network access, identity and access management.

Knowledge and understanding of new technologies and solutions from a cybersecurity perspective.

Knowledge of the components of a network attack and their relationship to threats and vulnerabilities.

Knowledge of defense-in-depth principles and network security architecture.

Knowledge of threat intelligence sources, capabilities and limitations.

Knowledge of how threat intelligence sources collect intelligence.

Knowledge of the common network layer attack vectors.

Knowledge of Windows and Linux ports and services.

Knowledge of system administration, network, and operating system hardening techniques.

Knowledge of operating system command-line tools.

Knowledge of network protocols and directory services.

Knowledge of how to use network analysis tools to identify vulnerabilities.

Understanding of network traffic analysis, system events analysis and threat moulding.

Understanding of security operations center technologies including SIEM, XDR and SOAR.

Ability in tuning security controls sensors and enhance defensive mechanism aligned with threat actors' tactics.

Requirements

Perform incident response handling and support level 1 incident response team.

Manage and oversee shift team duties and activities.

Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.

Provide summary reports of network events, incidents, and other cybersecurity-relevant activities in line with organizational policies and requirements.

Identify, evaluate, develop, and report SOC related metrics via dashboard and reports on regular basis.

Identify, prioritize, and coordinate the protection of critical cyber defense infrastructure and resources.

Perform incident handling, event triage, network analysis, threat detection and trend analysis.

Support threat and vulnerability analysis and cybersecurity advisory services and recommendations.

Ensure that cybersecurity improvement actions are evaluated, implemented, and reviewed as required.

Uses data collected from cyber defense tools to analyze events to detect and mitigate cyber threats.

Improve security control effectiveness and tune SOC defense solutions.

Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors' Tactics, Techniques and Procedures (TTPs), to derive and report indicators to predict, detect and prevent cyber incidents.

Monitor cyber threat intelligence feeds and report significant network events and intrusions.

Proactively searches for undetected threats in networks and systems, identify Indicators of Compromise (IOCs) and recommends mitigation plans.

Provide timely detection, identification and alerting of possible attacks and anomalous activities.

Provide timely and relevant updates on security incidents, trends, analyses, response resolutions and any other relevant information required.

Number of Positions- 2

Immediate joiners preferred.

Candidates currently present in Oman are requested to apply.