Senior Analyst - SOC Monitoring Group 42

Job Responsibilities

Key Focus

Key Activities

Key Responsibilities:

• Validate the Incidents escalated by Tier 1 SOC Security Analysts.
• Perform second levrrency of threat condition and determine which security issues may have an impact on the organization services and information s.
• Conduct research, analysis, and correlation across wide variety data sets (e.g., indications and warnings).
• Provide recommendations foel of incident handling, and security monitoring and validation of physical security
• Identify weaknesses in software, hardware, and networks.
• Analyze, and communicate with stakeholders, the threats associated with every incident.
• Coordinate with relevant stakeholders to validate network alerts.
• Conduct analysis of log files, evidence, and other information in order to determine best methods for identifying attackers.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Monitor external data sources (e.g., Threat Intelligent sources, Dubai AE-CERT Teams, etc.) to maintain cur SIEM content development, tuning, reports and dashboards.

Characteristics:

• Excellent communication skills: written, verbal, and interpersonal.
• Strong team player with a customer service orientation, ability to forge relationships at all levels of the company and across diverse cultures.
• Ethical, honest, fair, and with high integrity.
• Excellent organizational and time management skills required.
• Exhibits ownership of projects and assigned tasks.
• Has an in-depth understanding of the incident response process, analysis, alerts, rules, etc.
• Highly analytical, strong problem-solving skills, and ability to thrive in an energetic, fast paced, high growth security team environment.
• Must be able to pass all security clearances
• Quickly owns and handles tasks accurately, highly dependable, and self-motivated.
• Takes proper care and administration to configure, implement, and maintain DLP technologies.

AOR (Any Other Responsibilities)

• Any other responsibilities as required by the Line Manager

Job Specifications

Certifications (Technical & Non-Technical)

• Related security certifications (i.e. CCNA, Network+, Security+, CISSP, CISM, GICSP, GCIH, GCIA, GRID)

Minimum Work Experience

• Min 6-8 yrs. experience one or more of the following:
• Skilled in identifying trends and patterns from analyzing host-based, network-based security logs
• Used network investigation tools such as Wireshark, and any other open source tools such as ELK, Rekall, Ghidra, FlareVM, to analyze log sources/memory/malware to understand intrusion vectors and attacker tactics, techniques and procedures
• Provide support and guidance to improve security requirements for the security operations
• Experience with Windows/Linux/Unix, understanding of NIDS/HIDS
• Monitoring of SIEM alerts with tools such as Splunk and EDR solutions

Education

• BS or MS in Information Security / Computer Science / Electrical Engineering or related field