Job Description

Role – Information Security Analyst (SOC Analyst) for a long-term contract opportunity (secondment through Mekdam) with a Qatar-based infrastructure company. Job Purpose Statement:
  • We are looking for a skilled Information Security Analyst (SOC). The ideal candidate will have experience in a Security Operations Centre, SIEM, endpoint security, and incident management and response. The candidate should have a minimum of 7 years of experience as an Information Security Specialist. Responsible for handling cyber security incident response activities for the SOC on a 24/7 basis.
  • Responsible for acting on alerts, events, and incidents escalated from the Level 1/2 Analyst.
  • Understand basic concepts such as networking, applications, and operating system functionality and be able to collaborate with other analysts to investigate security events, contextualize them with available intelligence, and identify potential threats.
  • Transform event information and raw data into compromise reporting, acting to identify and halt active intrusions. Understand the operational security controls needed to detect, remediate, and prevent compromises. Candidates will need to apply their forensics, log analysis, and malware triage skills to solve complex intrusion cases.
  • Maintain a strong understanding of network protocols, security appliances, and the data that traverses both.
  • Responsible for functional knowledge of host-based forensic artifacts across as many operating systems as possible (Windows, Linux, macOS).
  • Consolidate technical artifacts and indicators into meaningful scale, impact, and remediation guidance.
  • Analyze creatively and dynamically an ever-changing threat landscape by connecting disparate events into overarching incidents that may represent a larger threat than each individual event does alone.
  • Responsible for foundational knowledge of vulnerabilities, exploitation, lateral movement, command and control traffic, attacker methodologies, application whitelisting bypasses and legitimate service abuse.
  • Responsible for Intelligence gathering and updating of Threat intelligence data pipeline.
  • Handle Independent threat analysis.
  • Contribute to threat alerts & advisories.
  • Responsible for working in a 24x7 Security Operation centre (SOC) environment.
  • SIEM experience with RSA NetWitness; an inquisitive nature and a keen interest in actively participating in SOC development.
  • Experience with the RSA ECAT endpoint solution, SOAR, UEBA, DLP, Proxy, WAF, AV and Email Security.
  • The ability to analyze event and systems logs, perform forensic analysis, analyze malware, and other incident response related data, as needed
  • Deep understanding of Incident Response and Incident Management best practices and processes
  • Familiarity with intrusion detection systems (e.g., snort) and tools (e.g., tcpdump, Wireshark);
  • Knowledge of attack vectors, threat tactics and attacker techniques
  • Familiarity with network architecture and security infrastructure placement
  • Good knowledge of vulnerability analysis, information warfare, botnet analysis and botnet propagation techniques
  • In-depth understanding of TCP/IP, DHCP, DNS, IPsec, RPC, SMB, SSH, SIP, SMTP, IMAP, IRC, HTTP/S, Fast Flux, NetFlow, SNMP, syslog
  • Good Knowledge of Log Analysis
Job Types: Full-time, Contract, Permanent

Experience:
  • Security Operation centre (SOC): 3 years (Preferred)
  • SIEM with RSA NetWitness: 2 years (Preferred)


Job Detail

  • Job Id
    JD1537583
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Doha, Qatar
  • Education
    Not mentioned