Available Opportunities
VAC8892 - Manager, SOC/ Fast Telco Subsidiary of Ooredoo Kuwait
Field: Corporate Information Security Contract Type: Full Time - Permanent
Location: Kuwait - Kuwait City Closing date: 31-Dec-2022
Role Purpose:
Support  Security Operations Center
Key Accountabilities & Responsibilities:
  • Develop SOC MSSP offers for B2B
  • Assist sales team as technical SOC Pre-sales
  • Manage Security Operations Centre and the Analyst staff associated with the SOC 
  • Manage Multi-vendor Siem Solution Technologies (Logrythmn / Wazuh, Snort ELK Stack, Qradar, Splunk  )
  • Lead SOC Team in Incident flow, detection, forensic investigations  and resolution
  • Build and develop SOC processes, procedures in close cooperation with our SOC operations
  • Ensure all necessary information and security data are continuously being collected, correlated and analysed to detect potential external and internal threats to Ooredoo & its clients.
  • Define and review key security performance indicators that ensures proper service delivery and service improvements.
  • Manage all day-to-day activities within the SOC to ensure effective operation of incident detection and response processes.
  • Provide leadership, guidance and technical expertise to deliver a professional service to ooredoo and its clients.
  • Ensure security detection, response, and recovery procedures are up-to-date, maintained and followed.
  • Accountable for security incident management.
  • Ensure proper integration and handover of new security services within the monitoring and detection capability of the SOC.
  • Develop and provide reports on a regular basis to meet Ooredoo’s compliance and audit needs.
  • Develop connectors and/or APIs for SOC integrations and perform level 3 security analysis function
  • Configure and automate uses cases for security incidents and SOAR
  • Manage and Detect Incidents by monitoring the SIEM console, Rules, Reports and Dashboards.
  • Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate
  • Monitor the SIEM console resources to identify any anomalies and report violations
  • Monitor emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework
  • Report Incidents to concerned teams and Asset Owners
  • Communicate with external teams in proper incident resolutions

    Broad knowledge on threat analysis and experience in intelligence reporting

  • Manage Ooredoo and FT Business as usual SOC work orders
  • Evaluate SOC equipment hardware/Software
  • Manage security health-check monitoring of SIEM Solution and its components Plan and evaluate SOC equipment hardware and reflecting it to the inventory database, Research and introduce new technologies
  • Manage and maintain all existing and new SIEM Solutions
  • Manage SIEM security configuration, and architecture (including hardware & software technology, site location & integration of technologies.Resolve escalated issues from Ooredoo and FT SOC TTs
  • Complete handover from Security Ooredoo and FT & complete new assigned Projects.
  • resolve all  security issue related to Ooredoo and FT
  • Manage all devices with accessing (SIEM Solution ) Extending the support to internal and external audit regarding their queries
  • Explaining to internal and External audit the business requirements that leads to the current setup
Qualifications:
  • Bachelor degree or Equivalent
Other Information:
  • Hands -on experience in Cyber Security Monitoring, Threat Intelligence and SOC Operations in any private/government/ telecom/banking sector
  • Preferred Technical security certifications (at least one) such as GIAC (GSOC), CompTIA (CySA+) , CompTIA Security+, EC Council (C|SA), LogRhythm Security Analyst (LRSA)
  • Preference will be given to candidates having experience in public sectorISP Experience
  •  Familiar with Security Technology
Note: you will be required to attach the following:
1. Resume / cv