
Senior SOC Engineer

Union Coop
Dokki, Giza
Posted 1 year ago

Job Description

• Implementation and administration of Splunk, QRadar, and ArcSight.
• Leading a 24x7 SOC team; producing weekly/monthly trend analysis reports for alerts and incidents.
• Ability to work with minimum supervision.
• Ability to work with remote teams.
• Ability to work with different nationalities and in a different work environment.
• Self-motivated with strong professional work ethics.
• Perform root cause analysis on security and availability incidents, producing harm charts per incident and monthly/yearly summary reports.
• Tune and refine existing security filters and event rules to reduce false positives; create customized reports and dashboards, and prepare the compliance dashboard.
• Conduct SIEM application training for new hires and existing SOC employees.
• Advanced SOC setup: orchestration and threat intelligence.
• Network and security analysis/assessments and security monitoring.
• Perform real-time monitoring, investigation, analysis, reporting, and escalation of security events from multiple log sources.
• Handle all end-user reports, incidents, problem tickets, and change management tickets with respect to network security within the agreed SLA.
• Track and report configuration changes in routers, switches, and firewalls of different clients.
• Device integration and creation of rules, active channels, dashboards, filters, reports, queries, etc. in Splunk, QRadar, and ArcSight to track incidents.
• Aggregate and correlate logs; configure reports, queries, rules, filters, dashboards, real-time alerts, and console resource operations.
• Identify Union Coop reporting requirements and translate them into SIEM technical specifications.
• Have a strong technical background in enterprise infrastructure.
• Familiar with Windows Servers, Linux OS, networking, and security protocols.
• Assist and coordinate with the Security Incident Handling Team during investigations.

Job Requirements

Responsibilities:

SOC Monitoring and Implementation

• 3 - 5 years of experience in various information security domains such as compliance audit, security operations center, and threat intelligence, with a proven track record in the planning, design, and execution of SOC implementation, business requirement mapping, security information and event management (SIEM) tooling, SOC governance (including KPIs and metrics), SOC staff training and career development, SOC processes, and audit.
• Real-time log monitoring in the Security Operations Centre (SOC) from different devices such as firewalls, IDS, IPS, operating systems (Windows, Unix), proxy servers, Windows servers, system applications, databases, web servers, and networking devices.
• Technical escalation of all L1, L2, and L3 incidents in the SOC.
• Project documentation.
• Delivery methodologies and skill enhancements.
• Analyze and troubleshoot delivery issues in a timely fashion.
• Manage a delivery team to ensure timely and accurate Union Coop information security deliveries.
• Oversee daily activities of the delivery team and provide direction and guidance as needed.
• Design, create, and innovate SIEM use cases in accordance with Union Coop's business requirements and the cyber threat surface of UC's line of business.
• Good knowledge of the concepts and architecture of SIEM tools like Splunk, QRadar, and ArcSight.
• Experience in SIEM implementation and hands-on experience in integrating devices with SIEM.

Cyber Threat Hunting, Analytics and Threat Intelligence

• Knowledge of data science, with excellence in analyzing large volumes of security data, determining patterns of interest, outliers, or hidden attacks, and building repeatable algorithms and machine learning models to apply to the data on a regular basis.
• Experience in threat hunting and in using algorithms and tools built by data scientists to actively hunt for attacks in large volumes of data, and in creating alerts that are passed on to SOC L1 and L2 analysts.
• Collate information from external threat sources as well as data from the internal SOC, and prepare actionable threat feeds and intelligence briefs. Experience in integrating threat feeds with Union Coop's SIEM and other security products, and in sharing them with the SOC Manager and SOC Engineering team. The intelligence briefs are consumed by the SOC lead, investigators, and the SOC Engineering Team for creating COA.
