Security Operations Center Analyst

METAMORFS

Greetings from Metamorfs. We currently have an open position with our client at the following location:

Location: Abu Dhabi UAE,

Salary: 14K-15K AED/month

Job Description:

• SOC L2 Analyst will be involved in the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.

• Hands-on experience finding and responding to advanced persistent threats (APT) in a global network setting

• Change agent with the ability to drive accountability and outcomes across a diverse threat landscape

• Experience with SOC incident response and management, including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real time

• Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits

• Experience with attacks and mitigation methods, with working experience in two or more of the following:

• Network protocols and secure network design

• Operating system internals and hardening (e.g. Windows, Linux, iOS, Android)

• Web application and browser security assessments and penetration testing

• The role includes undertaking:

• SIEM configuration/tuning

• EDR configuration/tuning

• Resources onboarding

• Correlation rule creation

• Security Alert Triage

• Security Incident Response

• Security Reporting

• Documentation (SOPs, improving standards, etc.)

The role will also require the following attributes:

• Ability to work autonomously as well as contribute in a team and professional environment

• Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies, and risk

• Strong communication (verbal and written) and interpersonal skills

• Strong focus on customer service and outcome

• Strong in resources coordination, planning and organizing

• Proven ability to adapt and maintain a flexible approach to changing needs or priorities

• Strong reporting and analytical skills with attention to detail

• Strong problem-solving skills with the ability to resolve complex technical issues

• High level of initiative and self-motivation.

Qualifications

• ITIL Foundation (nice to have, not essential)

• GCIH, Splunk certification, SIEM monitoring

• Minimum five years of experience working in a SOC, preferably with an SI, MSP or a vendor

• Engaging with other relevant technical groups, including service desk personnel and system engineers, to facilitate the collection of data and the provision of information relevant to supporting related capabilities
</gml_replace>
<gr_replace lines="81" cat="clarify" orig="Desirable experience">
Desirable experience/understanding of technologies, including but not limited to:

• Understanding output from SIEMs in the context of the environment, escalating incidents appropriately and providing meaningful reporting

• Experience with the relevant technologies and domains, including system logging and log auditing.

• Proven experience of developing and enhancing SOC Run Books

• Proven experience of Case Management and ensuring cases are resolved within required SLA

Desirable experience/understanding of technologies but not limited:

• TCP/IP Networking Configuration & Troubleshooting.

• Router & Access Control Device Configuration & Troubleshooting

• Unix / Linux Operating System Configuration & Troubleshooting

• Any relevant IT or security certifications including CEH or SANS certs are expected

• CyberArk and Imperva database security

• Advanced configuration and tuning of Splunk

• Use case creation and tuning, log onboarding

• Customizing the use cases

• System Logging

• Firewalls, Web Gateway, EDR – Microsoft, Proofpoint, McAfee, Crowdstrike

• PAM, PKI, Deception, Vulnerability Management, Citrix

• AWS and private cloud hosted technology landscape

• Incident response tools (TheHive, Resilient)

• Security at different layers

• Email Gateway – identifying malicious email (O365, Exchange, Zimbra)
