Career Center

Role Purpose

Key Accountabilities & Responsibilities

• Operate & Maintain Multi-vendor Siem Solution Technologies ( Logrythmn / Wazuh, Snort ELK Stack, Qradar, Splunk  )
• Manage and support log collection, security scanning, intrusion detection, content filtering, and other security-related system
• Integrate Assets into SIEM Solution to report Security Incidents
• Develop connectors and/or APIs for SOC integrations and perform level 2, 3 security analysis function
• Configure and automate uses cases for security incidents and SOAR
• Detect Incidents by monitoring the SIEM console, Rules, Reports and Dashboards.
• Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate
• Monitor the SIEM console resources to identify any anomalies and report violations
• Monitor emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework
• Report Incidents to concerned teams and Asset Owners
• Assist SOC Team in Incident flow, detection, forensic investigations  and resolution
• Communicate with external teams in proper incident resolutions
• Broad knowledge on threat analysis and experience in intelligence reportingManage Ooredoo and FT Business as usual SOC work orders
• Evaluate SOC equipment hardware/Software
• Manage security health-check monitoring of SIEM Solution and its components Plan and evaluate SOC equipment hardware and reflecting it to the inventory database, Research and introduce new technologies
• Manage and maintain all existing and new SIEM Solutions
• Manage SIEM security configuration, and architecture (including hardware & software technology, site location & integration of technologiesResolve escalated issues from Ooredoo and FT SOC TTs
• Complete handover from Security Ooredoo and FT & complete new assigned Projects.
• resolve all  security issue related to Ooredoo and FT
• Manage all devices with accessing (SIEM Solution ) Extending the support to internal and external audit regarding their queries
• Explaining to internal and External audit the business requirements that leads to the current setup

Qualifications

• Bachelor degree or Equivalent
• Preferred Technical security certifications (at least one) such as GIAC (GSOC), CompTIA (CySA+) , CompTIA Security+, EC Council (C|SA), LogRhythm Security Analyst (LRSA)

• Preference will be given to candidates having experience in public sector

Other Information

• 3 years of proven hands -on experience in Cyber Security Monitoring, Threat Intelligence and SOC Operations in any private/government/ telecom/banking sector
• ISP Experience
•  Familiar with Security Technology