SOC Analyst - #33620
Work Experience: 4-5 years
Country: United Arab Emirates
About us: Infosec Ventures incubates and scales cyber security innovators that solve for inefficiencies in cyber security, solve big problems and deliver exceptionally high return on investment for customers. We are on a mission to make the world cyber safe, by protecting systems and the ‘human operating system’. Some notable current ventures include humanfirewall.io, emailauth.io, bugsbounty.com, securityrating.com among others. An idea is worth one dollar; it's the execution that adds the zeros at the end of it, to make it a billion dollars!
Job Description for L1, L2 and L3 Analyst
We are currently seeking qualified candidates for a prestigious client in the healthcare industry in DUBAI. This is an ON-SITE job.
Please Apply only when you are open to relocate to DUBAI, or if you are currently residing in DUBAI.
The Level 1, 2 and 3 Analysts participate in 24x7x365 coverage for event monitoring, incident detection and response within the DHA CSOC.
The Level 1 and Level 2 Analysts analyse output from various technologies to effectively identify anomalous events and triage security incidents. The analyst is responsible for either escalating suspected Incidents to L3 Analysts or handling the Incident in line with documented Incident Response procedures.
Level 1 and 2 Analysts will conduct analysis of events from a variety of log sources such as Windows and Unix operating systems, network, application and bespoke log sources, as well as network packet captures. The CSOC analysts should be familiar with security event triage through use of SIEM technologies and have a strong understanding of the capabilities of other security tools such as anti-DDoS, IPS/IDS, APT detection and anti-virus.
Monitor alerting tools (SIEM) and handle escalated incidents from Helpdesk and end users.
Triage alerts as they come in through SIEM and action appropriately.
Respond to common alerts in a consistent and repeatable manner from multiple alerting sources ensuring to gather context and intelligence.
Provide escalations of unknown threats to Level 2 Analysts.
Develop and maintain CSOC documentation.
Perform Incident Response for qualifying L1 incidents & develop Incident Response procedures for common, repeatable Incident types.
Experience & Qualifications
Good understanding of Network Infrastructure and enterprise IT
Strong understanding of Security concepts and best practices.
Good understanding of cloud security tools and techniques.
Experience in SIEM and log monitoring and analytics (preferably RSA NetWitness, Microsoft Sentinel, QRadar, Splunk) and EDR monitoring and analytics experience (preferably Microsoft Defender, CrowdStrike, Cybereason, Carbon Black).
Ability to read and understand system data including security event logs, system logs, application logs, and device logs.
Ability to query, filter and interpret TCP/IP packets to identify anomalies and IOCs.
Possess understanding of enterprise grade technologies including operating systems, databases and web applications.
Possess understanding of security technologies and tools.
Experience working in a 24/7/365 service driven environment.
GIAC Security Essentials Certification (GSEC)
Certified Security Analyst (ECSA)
Certified Incident Handler (ECIH)
Certified Ethical Hacker (CEH)