Soc Analyst L2

Business Intelligence
United Arab Emirates πŸ‡¦πŸ‡ͺ
October 2, 2023

Apply for this job

Email *

Job Description

Job Requirements

Responsibilities

  • Follow detailed operational process and procedures to appropriately analyse, escalate, and assist in remediation of critical information security incidents.
  • Correlate and analyse events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
  • Conduct analysis of log files, including forensic analysis of system resource access.
  • Review customer reports to ensure quality and accuracy.
  • Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Respond in a timely manner (within documented SLA) to support, threat, and other cases.
  • Document actions in cases to effectively communicate information internally and to customers.
  • Resolve problems independently and understand escalation procedure.
  • Maintain a high degree of awareness of the current threat landscape.
  • Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
  • Perform other essential duties as assigned.
  • Able to work in rotating shifts within a 24/7 operating environment.

Skills

Qualifications & Skills

  • ο»ΏA Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
  • An active interest in internet security, incident detection, network and systems security.
  • A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
  • Demonstrable experience of analysing and interpreting system, security, and application logs.
  • Knowledge of the type of events that both Firewalls, IDS/IPS, and other security related devices produce.
  • Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
  • TCP/IP knowledge, networking, and security product experience.
  • Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
  • Outstanding organizational skills.
  • Exclusive focus and vast experience in IT.
  • Strong analytical and problem-solving skills.
  • A motivated, self-managed, individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
  • Very good communication skills.
  • Strong written and verbal skills.
  • Strong interpersonal skills with the ability to collaborate well with others.
  • Ability to speak and write in English is required; Arabic is preferred.

Related Jobs