SOC L2

2 weeks ago


Kingdom of Saudi Arabia, Saudi Arabia | Manpower Middle East | Full time
Posted Date: about 3 hours ago | Location: Saudi Arabia | Discipline: Information Technology | Job Reference: | Salary: 0.0


Job Title:
Senior Security Analyst L2


Location:
Riyadh, KSA

Role Type:
Permanent

Job description

Responsibilities

  • Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
  • Correlate and analyze events using SIEM tools to detect security incidents.
  • Create, follow and present detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Respond in a timely manner (within documented SLA) to support, investigation, and other cases.
  • Document actions in cases to effectively communicate information internally and to customers.
  • Resolve problems independently and understand the escalation procedure.
  • Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
  • Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
  • Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for internal knowledge bases, blog posts and reports as requested.
  • Perform other essential duties as assigned.
  • Analyze log files, including forensic analysis of system resource access.
  • Create, follow and present customer reports to ensure quality, accuracy, and value to clients.
  • Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.
  • Education and training of other analysts in use and operation of SIEM platform.
  • Onsite work with clients as required.
  • Engage with client Incident Response team as required.
  • Generate cybersecurity Threat Intelligence reports.

Qualifications

  • 5+ years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
  • Bachelor's/Master's Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
  • An active interest and passion in cybersecurity, incident detection, network, and systems security.
  • A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
  • Knowledge of the types of events that firewalls, IDS/IPS, and other security-related devices produce.
  • Experience in using Splunk as an analyst for Threat and Incident Detection is required.
  • Experience with ArcSight, LogRhythm, or QRadar is preferable but not mandatory.
  • Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
  • Solid understanding of TCP/IP and network concepts and principles.
  • Knowledge of possible attack activities, such as scans, man-in-the-middle, sniffing, DoS, DDoS.
  • Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE etc.).
  • An experienced Analyst who aspires to be a leader, and is committed to learning the principles of leadership and the role of a leader.
  • Outstanding organizational skills.
  • Exclusive focus and vast experience in IT.
  • Very good communication skills.
  • Strong analytical and problem-solving skills.
  • A motivated, self-managed individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
  • Strong written and verbal skills.
  • Strong interpersonal skills with the ability to collaborate well with others.
  • Ability to speak and write in English is required; ability to speak and write in both English and Arabic is preferred.
  • Well-versed in developing content for SIEM (creating and fine-tuning use cases and rules).
  • Experience with automation tools (SOAR) is preferred.
  • Experience in Malware Analysis / Reverse Engineering is preferred.
