Operate & maintain multi-vendor SIEM solution technologies (LogRhythm / Wazuh, Snort, ELK Stack, QRadar, Splunk)
Responsible for taking action on alerts, events, and incidents escalated from the Level 1 Analyst.
Develop cybersecurity playbooks
Operate & maintain SOAR solution integration with the SIEM
Strong working knowledge of SOC technologies (SIEM), threat intelligence platforms, correlation rule creation, security log management, threat event monitoring and analysis, event/incident triage, and integration of security technologies with the SOC (e.g. endpoint protection, intrusion detection/prevention, firewalls, DLP, etc.)
Analyse and architect complex solutions to cybersecurity threats affecting the confidentiality, integrity, and availability of data and systems
Provide regular updates to the executive management team on the status of the company's risk posture and security program
Organize and lead the security incident response capability, preemptively engaging with and training stakeholders throughout the organization
Manage and oversee our business continuity and disaster recovery efforts to ensure the organization is prepared for high-risk business disruptions
Keep abreast of the latest security and privacy legislation, regulations, adversaries, alerts, and vulnerabilities
Understanding of log collection and aggregation techniques: Elasticsearch, Logstash, Kibana (ELK), syslog-ng, Windows Event Forwarding (WEF), etc.
Ability to correlate data from multiple data sources to create a more accurate picture of cyber threats and vulnerabilities
Lead forensic investigations
Develop SOC dashboards and reporting
Manage Ooredoo and FT business-as-usual SOC work orders
Evaluate SOC equipment hardware/software
Manage security health-check monitoring of the SIEM solution and its components
Plan and evaluate SOC equipment hardware and reflect it in the inventory database; research and introduce new technologies
Manage and maintain all existing and new SIEM solutions
Manage SIEM security configuration and architecture (including hardware & software technology, site location, and integration of technologies)
Resolve escalated issues from Ooredoo and FT SOC TTs
Complete handover from Security Ooredoo and FT & complete newly assigned projects
Resolve all security issues related to Ooredoo and FT
Manage all devices accessing the SIEM solution
Extend support to internal and external audit regarding their queries
Explain to internal and external audit the business requirements that lead to the current setup
Bachelor's degree in Engineering or equivalent
Preferred technical security certifications (at least one) such as GIAC (GSOC), CompTIA (CySA+), CompTIA Security+, EC-Council (C|SA), LogRhythm Security Analyst (LRSA)
Preference will be given to candidates having experience in public sector
Familiar with security technology
Required: 05 years of proven hands-on experience as a Cyber Security Analyst L2, in Threat Intelligence and SOC Operations, in any private/government/telecom/banking sector.