Help AG is looking for a talented and enthusiastic individual to join our Security Operations Center (SOC) team for our Managed Security Services (MSS) unit. If you have a strong knowledge and interest in network security, this position might be the right one for you.
The Level one (I) MSS Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information and Event Management (SIEM) tool in order to detect and identify IT security-related incidents.
The Level two (II) MSS Security Analyst will be responsible for:
• Monitoring multiple security technologies and events using the Security Information and Event Management (SIEM) tool in order to detect and identify IT security-related incidents
• Coaching and mentoring Level 1 Analysts
• Developing content and use cases based on possible attack activities, newly discovered indicators of compromise (IOCs), and customer requirements
Skills & Requirements:
• A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
• An active interest in Internet Security, incident detection, network and systems security
• A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
• Demonstrable experience of analyzing and interpreting system, security and application logs
• Knowledge of the types of events that firewalls, IDS/IPS and other security-related devices produce
• Experience in using SIEM tools such as ArcSight, enVision, Splunk, NitroSecurity
• TCP/IP knowledge, networking and security product experience
• Knowledge of possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable
• Knowledge of SIEM terminology, such as threat, vulnerability, risk, asset, exposure, safeguards, etc.
• Protocol analysis experience with tools like Wireshark, Opnet, GigaStor
• Working knowledge of network architecture.
• Strong research background, utilizing an analytical approach.
• Familiarity with network security methodologies, tactics, techniques and procedures.
• Experience performing security/vulnerability reviews of network environments.
• Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns.
• Outstanding Organizational Skills
• Exclusive focus and vast experience in IT
• Very good communication skills
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Strong written and verbal skills
• Strong interpersonal skills with the ability to collaborate well with others
• Ability to speak and write in English is required; ability to speak and write in both English and Arabic is preferred
• Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a team setting.
• Candidate must be able to react quickly, decisively, and deliberately in high-stress situations.
• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents
• Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources
• Correlate and analyze events using the ArcSight / Splunk SIEM tool to detect IT security incidents
• Follow detailed operational process and proced