Job Description

A

SOC Engineer

(Security Operations Center Engineer) is responsible for maintaining the security of an organization's IT infrastructure by monitoring, detecting, and responding to security incidents. Below is a typical job description for this role, including key responsibilities:

Certificates Required:

1. GCIH

2. FOR 508

3. GCFA

Roles and Responsibilities:

Monitoring and Incident Detection:

Continuously monitor security alerts and notifications from various security tools and technologies (e.g., SIEM systems, IDS/IPS, firewalls, etc.). Investigate security incidents and potential threats. Perform triage and prioritize incidents based on severity and impact. Detect, analyze, and report any abnormal activity or potential threats in the network.

Incident Response and Mitigation:

Lead or assist in the response to security incidents, ensuring proper containment, eradication, and recovery procedures are followed. Work with other teams (e.g., IT, network, and system admins) to mitigate security incidents and vulnerabilities. Provide guidance on handling and escalating incidents based on predefined escalation paths.

Security Tools and Technology Management:

Manage, configure, and optimize security tools (such as SIEM, firewalls, and antivirus software) to enhance security operations. Maintain logs and ensure the integrity of security infrastructure tools and devices. Implement and update security protocols to ensure the organization's systems and data are protected.

Threat Intelligence and Vulnerability Management:

Collect and analyze threat intelligence data from various sources to identify emerging security threats and vulnerabilities. Perform vulnerability assessments and recommend remediation actions based on findings. Assist with patch management and ensure timely deployment of security patches.

Reporting and Documentation:

Document security incidents, actions taken, and lessons learned to improve future responses and security posture. Generate reports on security incidents, system performance, and security operations metrics. Present regular status updates on security incidents and trends to management.

Collaboration and Communication:

Collaborate with other teams (network security, IT, DevOps, etc.) to ensure a holistic security approach. Communicate effectively with internal teams and external vendors to resolve security issues. Provide training and knowledge transfer on security best practices to other employees.

Continuous Improvement:

Continuously assess and improve the effectiveness of security tools and processes. Research new security technologies and trends to stay ahead of potential threats. Participate in ongoing security awareness programs and training.

Compliance and Standards Adherence:

Ensure that security operations comply with relevant industry standards, regulations, and best practices (e.g., GDPR, HIPAA, PCI DSS). Perform regular audits and assessments to ensure compliance with security policies.
Job Type: Full-time

Pay: QAR13,000.00 - QAR15,000.00 per month

Education:

Bachelor's (Required)
Experience:

SOC: 4 years (Required)
Language:

Arabic (Required)
License/Certification:

GCIH (Required) FOR 508 (Required) GCFA (Required) * Computer Science or Information Technology (Required)