Security Operation Center Delivery Lead (SOC Lead)

union coop - Dokki, Giza

Applicants for
1 open position
Not Selected
Experience Needed:
10 to 20 years
Career Level:
Job Type:
Full Time
Education Level:
Bachelor's Degree
1 open position
About the Job
  • The position will be based at Union Coop's Research & Development CoE in Egypt.
  • Implementation and Administration of Splunk, QRadar, ArcSight
  • Leading 24x7 SOC Team. Daily/Weekly/Monthly trend analysis report for alerts and incidents
  • Perform root cause analysis on security and availability incidents producing harm charts per-incident and monthly/yearly summary reports
  • Tune and refine existing security filters and event rules to reduce false positives. Creation of customized reports, dashboard & Preparation of compliance dashboard
  • Conduct SIEM application training for the new hires and existing SOC employees
  • Advance SOC Setup - Orchestration and threat intelligence
  • Network and security analysis/assessments and security monitoring
  • Performing Real-Time Monitoring Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources
  • Handles all end-users, report Incidents, problem ticketing, and change management ticketing with respect to Network Security within the agreed SLA
  • Tracking and reporting the configuration changes in Routers, Switches, and Firewalls of different clients
  • Device integration, Creating rules, Active channel, Dashboard, Filters, Reports, queries, etc. in Splunk, QRadar, and ArcSight to track incidents.
  • Aggregating and Correlating Logs and Configuring Reports, Queries, Rules, Filters, Dashboards, Real-Time Alerts and Console Resource Operations
  • Identify Union Coop Reporting requirements; Translate requirements into SIEM Technical Specifications
  • Assist co-ordinate with the Security Incident Handling Team in providing assistance during investigations


Job Requirements


SOC Monitoring and Implementation

  • Over 10+ years of experience in various information security domains like Compliance Audit, Security Operation Center, threat intelligence and has a proven track record in the planning, designing, and execution of SOC implementation, business requirement mapping, Security information and event management (SIEM) tooling. SOC governance (Including KPIs and metrics), SOC staff training and career development, SOC process, and audit.
  • Real-Time Log Monitoring in the Security Operations Centre (SOC) from different devices such as Firewalls, IDS, IPS, Operating Systems like Windows, Unix, Proxy Servers, Windows Servers, System Application, Databases, Web Servers, and Networking Devices
  • Technical escalation of all L1, L2, and L3 incidents in SOC.
  • Project documentation
  • Delivery methodologies and skill enhancements
  • Analyze and troubleshoot delivery issues in a timely fashion
  • Manage a delivery team to ensure timely and accurate Union Coop Information Security deliveries
  • Oversee daily activities of the delivery team and provide direction and guidance as needed

Design, Create, and Innovate SIEM Use Cases in accordance with Union Coop's business requirement and as per the Cyberthreat surface of UC’s line of business.

  • Good knowledge on SIEM tools like Splunk, QRadar and ArcSight concept and architecture
  • Experience in implementation of SIEM Hands-on Experience in Device integration with SIEM

Cyber Threat Hunting, Analytics and Threat Intelligence 

  • Knowledge of Data Science with excellence in analyzing large volumes of security data and to determine patterns of interest or outliers or hidden attacks and build repeatable algorithms and machine learning models for apply on regular basis to the data.
  • Experience in threat hunting and the use of algorithms and tools built by data scientists to actively hunt for attacks in large volumes of data, and create alerts that are passed on to SOC L1 & L2 analysts
  • Collate information from external threat sources as well as data from internal SOC and prepare actionable threat feeds and Intelligence briefs. Experience in integrating threat feeds with SIEM/ other security products of Union Coop as well as to active SOC Manager & SOC Engineering team. The intelligence briefs are consumed by SOC lead, Investigators, and SOC Engineering Team for creating COA.
About this Company

Union Coop was established by Ministerial Resolution No. 31/2 dated May 24, 1982, issued by the Ministry of Labour and Social Affairs at the time. The aim of the establishment is to enhance the social and economic conditions of members and to serve the local community in where... (More)

See all Careers and Jobs at union coop