Security Operation Center Engineer (L2) (Multinational)
Pillars -
Cairo, Egypt. Posted 2 years ago. 7 applicants for 1 open position.
Job Description
- A Security Analyst is a member of the SOC team who monitors security events generated by security systems or platforms and investigates those events to determine potential threats to the customer's environment.
- The analyst also handles all incident escalations raised by customers and supports them with root cause analysis reports and recommendations.
- Essential Duties and Role Responsibilities (including but not limited to)
- The Security Analyst will apply technical expertise and polite, professional etiquette while performing the following duties:
- Ability to detect and resolve problems that threaten people, process, technology and facilities.
- Resolution of an incident through an appropriate reaction to, and containment of, the problem constitutes security incident response.
- Review and analyze external threat intelligence feeds from industry, open source and security partners
- Follow the incident management process and improve the monitoring, notification, triage and escalation processes
- Proactively mitigate risk and analyze emerging threats and their relevance to the organization
- Operationalize threat detection and threat response based on intelligence feeds
- Provide actionable findings to the respective resolution teams
- Create hypotheses for hunts and hunt missions
- Test hypotheses and identify patterns
- Safely acquire and preserve the integrity of cyber security data required for incident analysis to help determine the technical/operational impact, root cause(s), scope and nature of the incident
- Detect emerging threats based upon analysis, data feeds and sources (internal and external intelligence sources)
- Engaging with IT functions to ensure alerts are actioned appropriately and in a timely manner.
- Working within the team and the wider Information Security group to build new tools for intelligence gathering.
- Building and maintaining senior management dashboards to provide a clear understanding of team activities and threat landscape.
- Conduct active cyber threat hunting and provide recommendations to optimize cyber security based on threat hunting discoveries.
- Review asset discovery and vulnerability assessment data.
- Explore ways to identify stealthy threats that may have found their way inside the network undetected, using the latest threat intelligence.
- Responsible for the design, implementation and administration of the SIEM (Splunk, ArcSight), and for setting up security operations support from the global security operations center, including installation, configuration and management of the SIEM product/tool.
</gml_replace>
<gr_replace lines="38" cat="clarify" orig="- Functions as the expert">
- Functions as the expert in networking and LAN/WAN optimization.
- Ensure timely response to any cyber incident to minimize risk exposure and production down time
- Analyse and correlate incident data to develop a preliminary root cause and corresponding remediation strategy.
- Functions as the expert in networking experience as well as LAN/WAN optimization experience.
- Monitor availability and reliability of Data Center Network.
- Resolve hardware, operational, infrastructure and application incidents within our data center switch and routing infrastructure.
- Provide preventative maintenance, troubleshooting and quickly resolve routine problems to ensure infrastructure and application stability.
- Provide regular status reports on tasks accomplished, current issues and progress toward goals
- Plan, install, configure and maintain routers, switches, VPNs and firewalls.
- Establish and maintain service levels; perform basic troubleshooting; monitor network implementations; and manage network device alarms.
Job Requirements
Qualification
- Bachelor's degree or above in Computer Science, Information Technology or related disciplines.
Experience
- 5 to 12 years of experience in a SOC.
Necessary Skills and Abilities
- Skill Set: Security Operations Centre (SOC), Cyber Security, SIEM, ArcSight/Splunk, Threat Hunting, Threat Analysis, Cyber Kill Chain, TCP/IP knowledge, Network Packet Analysis.
- Familiar with penetration testing tools (e.g. Nessus/Metasploit).
SKILLS:
- Network security architecture and design
- Routers and access control devices
- TCP/IP networking
- Firewalls, IDS/IPS and Policy Design & Management
- Experience with SIEM tools (Splunk, ArcSight etc.); Wireshark or other analytics tools a plus
- Hands on Experience with Endpoint security products
- Any relevant IT or security certifications including CISSP, CISM, CRISC, CEH or SANS certs expected
Desired experience:
- 5 to 12+ years of information security or networking experience
- Excellent customer service skills
- Excellent analytical thinking and problem solving skills
- Strong communication skills
- Self-managed and team oriented
- Deadline and detail oriented
- Highly motivated
Knowledge & Skills
- Expert knowledge of Cisco, Juniper or Huawei equipment and technologies
- Possess the ability to quickly identify, diagnose and provide solutions to complex problems, requirements and integration of various technologies.
- Expert knowledge with layer 2 and layer 3 technologies with a focus on network equipment, specifically routers, switches, firewalls
- Detailed knowledge and experience with Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), MPLS and IPsec
- Ability to clearly communicate technical concepts to non-technical people.
- Ability to multi-task in a fast-paced environment.