Job Code: 4347
Job Title: Specialist IS Operation
Job Location: Abu Dhabi
Operational Tasks
- Contribute to the application of information security measures to programs, devices, data and system management, in accordance with the policies and laws in force, in a manner consistent with the foundations of information security, and in close cooperation with the relevant authorities of the systems.
- Participate in the implementation of the information security strategy to protect and report on information systems and prevent potential threats.
- Participate in monitoring the current information security system and operational environment, and in implementing effective solutions that address systems and devices, vulnerability to risk, the impact of potential threats and the availability of systems.
- Continuously monitor security events and alerts from various security tools (SIEM, IDS/IPS, etc.).
- Coordinate with the incident response team to mitigate and remediate security threats.
- Develop and execute playbooks and procedures for incident response.
- Participate in post-incident reviews to improve future incident handling.
- Generate regular reports on security incidents, trends, and SOC performance.
- Simulate real-world attack scenarios to assess the effectiveness of existing security measures.
- Collaborate with blue team members to refine detection and response capabilities.
- Provide detailed reports on red team findings, including technical and strategic recommendations for improvement.
- Maintain SOC tools and technologies, including Splunk (SIEM, IDS/IPS, firewalls, etc.).
- Optimize the configuration and performance of security tools to ensure effective monitoring and detection.
- Ensure proper access controls are in place for all SOC systems and tools.
- Develop and maintain SOC operational policies and procedures.
- Ensure compliance with the company standards and best practices (e.g., ISO 27001, NIST).
- Contribute to the incident response team during security events, ensuring smooth coordination and clear communication.
- Participate in developing comprehensive security frameworks that encompass cloud infrastructure, data protection, identity and access management (IAM), and application security.
- Design secure data flows between on-premises systems and cloud environments, ensuring data integrity and confidentiality.
- Perform threat modeling to identify potential security risks within cloud architectures and develop strategies to mitigate those risks.
- Integrate security automation tools and processes, such as Infrastructure as Code (IaC) security scanning, automated compliance checks, and continuous monitoring.
- Utilize DevSecOps practices to ensure security is integrated into the CI/CD pipeline and cloud deployments.
- Participate in the implementation of advanced cloud security solutions, such as CASB (Cloud Access Security Broker), cloud-native firewalls, and cloud security posture management (CSPM) tools.
- Stay up to date with emerging security threats and cloud technologies, adapting the organization's security and cloud strategies accordingly.