Skills And Tools:
- Provide Incident Response (IR) support when analysis confirms actionable incident
- Provide threat and vulnerability analysis as well as security advisory services
- Assist Entry-Level SOC analysts to help them build stronger skills
- Review layer 1 analysts ticket queue, review tickets, closure or reassignment as needed
- Create/review/modify documentation as needed, to include any process or procedure and thus ensure it’s up to date and standard
- Daily/Weekly/Monthly SOC Reports
- Perform basic forensics tasks
- Participate in evaluating, recommending, implementing, and troubleshooting security solutions and evaluating IT security of the new IT Infrastructure systems
- Works as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats
- Provide recommendations in tuning and optimization of security systems, SOC security process, procedures and policies
- Define, create and maintain SIEM correlation rules, customer build documents, security process and procedures.
- Staying up-to-date with emerging security threats including applicable regulatory security requirements
- Excellent oral and written communications in English
- Ability to successfully handle multiple priorities simultaneously is required.
- Capable of meeting and exceeding Service Level Agreements (SLAs) as required per customer requirements
- Demonstrated skills in digital investigations including: computer forensics, network forensics, malware analysis and memory analysis
- Ability to analyze data, such as logs or packets captures, from various sources within the enterprise and draw conclusions regarding past and future security incidents
- Strong knowledge of IT including multiple operating systems and system administration skills (Windows, Solaris, Unix)
- Strong understanding of security incident management, malware management and vulnerability management processes
- Security monitoring experience with one or more SIEM technologies –IBM QRadar, LogRhythm, Splunk and intrusion detection and prevention technologies
- Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
- A Bachelor's Degree / Diploma in a relevant area of study with a preference for Information Security, Computer Science or Computer Engineering
- Experience with scripting (Bash/Python).
- Minimum 4 years of experience in the field of IT Security having information Security for handling SIEM/Firewall/IPS/WAF/any other in-scope solutions.
- Valid certification for either CEH/ECIH/CHFI/Any SIEM Technical Certification/Any Firewall Technical Certification/or any other industry-related certificate.
- IBM Qradar certification (Admin/Analyst).
- Experience with SOAR technology is preferred.
- DC Network Senior EngineerConfidential Company - Cairo, Egypt7 days ago