Available Opportunities
VAC8736 - Senior SOC Engineer/ Fast Telco Subsidiary of Ooredoo Kuwait
: Ooredoo Kuwait
Field: Corporate Information Security Contract type: Full Time - Permanent
Work location: Kuwait - Kuwait City Closing date: 31-Jul-2022
Role Purpose:

 

Support Security Operations Center

Key Accountabilities & Responsibilities:

  • Operate & maintain multi-vendor SIEM solution technologies (LogRhythm / Wazuh, Snort, ELK Stack, QRadar, Splunk)

  • Responsible for taking action on alerts, events, and incidents escalated from the Level 1 Analyst.

  • Develop Cybersecurity Playbooks

  • Operate & maintain SOAR Solution integration with SIEM

  • Strong working knowledge of SOC technologies (SIEM), threat intelligence platforms, correlation rule creation, security log management, threat event monitoring and analysis, event/incident triage, security technologies integration with SOC (e.g. endpoint protection, intrusion detection/prevention, firewalls, DLP, etc.)

  • Analyse and architect complex solutions to information technology cybersecurity threats that relate to confidentiality, integrity, and availability of data and systems

  • Provide regular updates to the executive management team on the status of the company's risk posture and security program

  • Organize and lead the security incident response capability, preemptively engaging with and training stakeholders throughout the organization

  • Manage and oversee our business continuity and disaster recovery efforts to ensure the organization is prepared for high-risk business disruptions

  • Keep abreast of latest security and privacy legislation, regulations, adversaries, alerts, and vulnerabilities

  • Understanding of log collection and aggregation techniques, Elasticsearch, Logstash, Kibana (ELK), syslog-NG, Windows Event Forwarding (WEF), etc.

  • Ability to correlate data from multiple data sources to create a more accurate picture of cyber threats and vulnerabilities

  • Lead Forensic investigations

  • Develop SOC dashboards and reporting

  • Manage Ooredoo and FT business-as-usual SOC work orders

  • Evaluate SOC equipment hardware/software

  • Manage security health-check monitoring of SIEM Solution and its components   

  • Plan and evaluate SOC equipment hardware and reflect it in the inventory database; research and introduce new technologies

  • Manage and maintain all existing and new SIEM Solutions

  • Manage SIEM security configuration and architecture (including hardware & software technology, site location & integration of technologies)

  • Resolve escalated issues from Ooredoo and FT SOC TTs

  • Complete handover from Security Ooredoo and FT & complete newly assigned projects.

  • Resolve all security issues related to Ooredoo and FT

  • Manage all devices with access to the SIEM solution

  • Extend support to internal and external audit regarding their queries

  • Explain to internal and external audit the business requirements that lead to the current setup

Qualifications/Requirements:

  • Bachelor's degree in Engineering or equivalent

  • Preferred technical security certifications (at least one) such as GIAC (GSOC), CompTIA (CySA+), CompTIA Security+, EC Council (C|SA), LogRhythm Security Analyst (LRSA)

  • Preference will be given to candidates having experience in the public sector

  • Familiar with Security Technology

 

 

Other Information:
  • Required 05 years of proven hands-on experience in Cyber Security Analyst L2, Threat Intelligence and SOC Operations in any private/government/telecom/banking sector.

  • Strong Technical & Analytical skills
  • Quick learner and self-starter, with a willingness to keep abreast of the latest technologies to be successful
  • Strong interpersonal communication skills and presentation skills with the ability to explain complex technologies to peers and management
  • Strong knowledge of working with multivendor

     

Note: The following files must be attached:
1. Resume / CV