drjobs Qatar - Onsite - SOC L1 L2 L3 Logrhythm Cybersecurity - Longterm English

Qatar - Onsite - SOC L1 L2 L3 Logrhythm Cybersecurity - Longterm

صاحب العمل نشط

1 وظيفة شاغرة
هذا المنشور غير متاح الآن! ربما يكون قد تم شغل الوظيفة.
drjobs

حالة تأهب وظيفة

سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكتروني
Valid email field required
أرسل الوظائف
drjobs
أرسل لي وظائف مشابهة
drjobs

حالة تأهب وظيفة

سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكتروني

Valid email field required
أرسل الوظائف
موقع الوظيفة drjobs

قطر - قطر

الراتب drjobs

لم يكشف

drjobs

لم يتم الكشف عن الراتب

عدد الوظائف الشاغرة

1 وظيفة شاغرة

الوصف الوظيفي

Job Title: SOC L1 2 years
Job Title: SOC L2 3 5 years
Job Title: SOC L3 510 years
Location: Qatar (Onsite)
Mandatory: Logrhythm & Cybersecurity
Certified: Logrhythm
Duration: Longterm

Job Description:
The role requires working within a SOC operational support environment incorporating a tiered Security support model across a range of Security support functions in Qatar.
Your primary objective will be too proactively monitor and hunt through customer environments to detect and respond to information security threats. You will help to protect an organization by employing a range of technologies and processes to prevent detect and manage cyber threats. This can include protection of computers data networks and applications.
The Security Operations Analyst Level 3 role is tasked with evaluating SIEM (Security Incident Event Manager) related events flagged for review by established strategies. This evaluation is performed with various validation tools understanding and application of computer security topics and malware infections and identification of new techniques to make quick decisions with a high rate of accuracy. The person in this role will contribute to the strategic development of a new pilot program aimed at further enhancing the world class experience. The Security Operations Analyst Level 3 is expected to adhere to numerous Key Performance Indicators to ensure decisions are made balancing factors such as risk tolerance and customer experience.

Another responsibility of this role is to help train machine learning models by labeling transactions queries or other entity pairings.

Profile Requirements:
Proposition of specific recommendations
Investigate and solves security breaches and other cyber security incidents and provide incident response.
Incident analysis for correlation rules design and implementation
Business usecases design and deployment
Check of applied recommendation for L3 incidents
Validates weekly monthly quarterly half and yearly reports
Definition and follow up of incident reconstruction plans
Malware analysis reverse engineering
Deals with incidents from L2 and investigation and qualification of L2 incidents
Access to tiers tools for investigation
Development finetuning and implementation of threat detection analytics
Provides investigation on complex incidents.
Forensic handling and threat hunting
Provides forensics investigation and analysis ( memory filesystem network mobile iOS/Android forensics
Analyze and provides threat intelligence information
Provides advisories on incident modelling and reconstruction
Define new correlation rules in the SIEM depends on the requirements
Provides security crisis management
Very good communication skills with fluent English
Deep log analysis skills on SIEM Logrhythm Logrhythm experience is mandatory.
performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations enclave policy or local policy using the Vulnerability Assessments tool Nessus scanner
Daily assessment of vulnerabilities identified by infrastructure scan.
Evaluate rate and perform risk assessments on assets.
Prioritizing vulnerabilities discovered along with remediation timeline(s)
Monitor and collect activity data from endpoints that could indicate a threat using VMWare Carbon black
Analyze this data to identify threat patterns
Automatically respond to identified threats to remove or contain them and notify security personnel
Forensics and analysis tools to research identified threats and search for suspicious activities
Very good knowledge of Windows and/or Linux/Unix
Very good understanding of security incidents networking and common protocols
Scripting in Python Bash Perl PowerShell.
Review standard security arrangements that is provide external/semiexternal reviews
Manage audits and training for new threats
Stay current on IT security trends and news.
Analyze for attacks intrusions and unusual unauthorized or illegal activity
Investigate new vulnerabilities and share the latest industrylevel responses
Investigate security breaches and other cyber security incidents and provide incident response.
Liaise with different internal and external stakeholders when an incident occurs
Manage remotely stored critical information (passwords network configs etc.) in an emergency
Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
liaise with stakeholders in relation to cyber security issues and provide future recommendations
Install security measures and operate software to protect systems and information infrastructure including firewalls and data encryption programs.
Document security breaches and assess the damage they cause.
Work with security team to perform tests and uncover network vulnerabilities.
Fix detected vulnerabilities to maintain a highsecurity standard.
Stay current on IT security trends and news.
Research security enhancements and make recommendations to management.

forensics,security,firewall,security measures,network security,logrhythm,threat detection,cyber security,soc,python,bash,incident response,siem,cybersecurity,vulnerability assessments,perl,powershell,vulnerability

نوع التوظيف

دوام كامل

نبذة عن الشركة

0-50 موظف
الإبلاغ عن هذه الوظيفة
إخلاء المسؤولية: د.جوب هو مجرد منصة تربط بين الباحثين عن عمل وأصحاب العمل. ننصح المتقدمين بإجراء بحث مستقل خاص بهم في أوراق اعتماد صاحب العمل المحتمل. نحن نحرص على ألا يتم طلب أي مدفوعات مالية من قبل عملائنا، وبالتالي فإننا ننصح بعدم مشاركة أي معلومات شخصية أو متعلقة بالحسابات المصرفية مع أي طرف ثالث. إذا كنت تشك في وقوع أي احتيال أو سوء تصرف، فيرجى التواصل معنا من خلال تعبئة النموذج الموجود على الصفحة اتصل بنا