Overview
The SOC Engineer L1 plays a crucial role in safeguarding the organization's information systems and data through proactive monitoring and incident response. Based in Qatar, this position focuses on the initial analysis and handling of security incidents while collaborating with various teams to enhance security protocols and processes. The SOC Engineer L1 will be responsible for monitoring security alerts, analyzing potential threats, and responding to incidents effectively. This role serves as the first line of defense against cybersecurity threats, ensuring that potential vulnerabilities are detected early and mitigated swiftly. The importance of this position cannot be overstated, as it directly contributes to maintaining the integrity, confidentiality, and availability of organizational data, ultimately protecting the organization's reputation and operational capabilities.
Key Responsibilities
- Monitor security alerts and notifications from SIEM tools.
- Conduct initial investigations on security incidents.
- Analyze logs from various sources to identify suspicious activities.
- Assist in incident triage and escalation to L2/L3 teams.
- Respond to and remediate security incidents promptly.
- Maintain and update security documentation as required.
- Support vulnerability assessments and penetration tests.
- Participate in security awareness training sessions.
- Collaborate with IT teams to implement security improvements.
- Report on security incidents and trends to management.
- Utilize SIEM and other monitoring tools effectively.
- Stay updated on the latest cybersecurity threats and trends.
- Perform routine checks on firewall and endpoint security settings.
- Assist in the development of SOC processes and procedures.
- Provide support for daily SOC operations and reporting.
Required Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Certification in cybersecurity (e.g. CompTIA Security+, CEH) preferred.
- 1-2 years of experience in a security operations center.
- Familiarity with network security principles and technologies.
- Experience with SIEM tools (e.g. Splunk, ArcSight).
- Knowledge of incident response and handling procedures.
- Understanding of TCP/IP and network protocols.
- Experience with log analysis and monitoring tools.
- Basic understanding of malware analysis techniques.
- Strong problem-solving and analytical skills.
- Excellent communication and teamwork abilities.
- Ability to work in a fast-paced environment.
- Fluency in English; Arabic is a plus.
- Willingness to participate in on-call rotations.
- Attention to detail and a strong work ethic.
- Knowledge of compliance standards (e.g. ISO 27001, GDPR) is a plus.
Skills: SIEM tools, threat assessment, malware analysis techniques, communication, communication skills, analytical skills, teamwork, network security, knowledge of compliance standards, log analysis, forensic analysis, vulnerability assessment, problem-solving, attention to detail, incident response