Location: Abu Dhabi
We are looking to hire a SOC Analyst as part of our growing Cloud Operations team based in Abu Dhabi.
What You’ll Do (including, but not limited to):
- Follow detailed operational processes and procedures to appropriately analyse, escalate, and assist in remediation of critical information security incidents.
- Correlate and analyse events using the Microsoft Sentinel SIEM tool to detect IT security incidents.
- Work with and design Logic Apps for automated incident response (IR).
- Conduct analysis of log files, including forensic analysis of system resource access.
- Review customer reports to ensure quality and accuracy.
- Monitor multiple security technologies, such as SIEM, IDS/IPS, firewalls, switches, VPNs, and other security threat data sources.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to cases, such as support cases and threat cases.
- Document actions in cases to effectively communicate information internally and to customers.
- Manage and configure security monitoring tools (SIEM, syslog, NetFlow, FIM, Sysmon, etc.).
- Resolve problems independently and understand the escalation procedure.
- Maintain a high degree of awareness of the current threat landscape.
- Participate in knowledge sharing with other analysts and write technical articles for the internal knowledge base.
- Recommend enhancements to SOC security processes, procedures and policies.
What You’ll Bring
- A degree in Computer Science, Information Systems, Electrical Engineering, or a closely related field.
- An active interest in internet security, incident detection, network and systems security
- A sound knowledge of IT security best practices, common attack types and detection/prevention methods
- Demonstrable experience in analysing and interpreting system, security, and application logs.
- Knowledge of the type of events that Firewalls, IDS/IPS, and other security related devices produce
- Experience in using SIEM tools such as Splunk, LogRhythm, QRadar, AlienVault, NitroSecurity, etc.
- Knowledge of possible attack activities, such as scans, man-in-the-middle, sniffing, DoS and DDoS, and of possible abnormal activities, such as worms, Trojans and viruses.
- 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
- English skills, both written and spoken.
- Strong analytical and problem-solving skills.
- A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers, even under pressure.
- Very good communication skills
- Strong written and verbal skills
- Strong interpersonal skills with the ability to collaborate well with others.
- Ability to speak and write in English is required; Arabic is a plus.
What We’ll Offer You
- Lean. Do. Share. Office environment
- An open, informal, and multinational working environment
- High level of responsibility and excellent career opportunities
- Local, regional and global input from engaging with different team members from our global teams
- Constant learning
- Social events, company outings, and much more (virtual until after the COVID-19 pandemic).