Operational Engineer L 2 – Network Security

Job Summary

At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations.

As an Operational Engineer Level 2 – Network Security, you will lead and oversee Cybersecurity analysis, activity monitoring and investigations within a shift. Handling advanced incidents and service requests and guide Level 1 engineers to provide expertise in complex troubleshooting scenarios. Additionally, you will coordinate with escalation engineers on the investigation and resolution of critical cybersecurity incidents to ensure accurate triage, timely escalation and resolution within SLAs.

In this role, you will be responsible for:

• Addressing escalated incidents and service requests.
• Guide Level 1 engineers in troubleshooting.
• Ensure timely resolution and fulfilment of escalated issues.
• Maintain clear documentation of complex incidents.
• Monitor external threat data sources to maintain the cyber network defence threat conditions and determine which security issues may have an impact on the enterprise.
• Perform a detailed analysis of cyber threat adversaries and recommend preventative countermeasures.
• Assess and identify Advance Persistent Threat (APT) activities.
• Maintain and support the shift log for effective shift handover.
• Monitor and review triage activities performed by the L1 analysts and ensure accurate incident closure.
• Assist in creating playbooks and updating the knowledge base repository.

Qualifications & Experience

To be considered for this role, you must meet the below requirements:

• A degree or Honours (12+3 or equivalent) in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired.
• 3+ years’ experience in a cross-functional and interdisciplinary team. GIAC Certified Incident Handler (GCIH) or equivalent certification is mandatory.

Knowledge/Skills:

• Threat Detection and Response (CSOC): Able to analyse security alerts and differentiate false positives. Advanced proficiency in administration and configuration of SIEM, EDR and other security Platforms.
• Infrastructure Protection: Proficiency in advanced firewall configurations and intrusion detection systems.
• Identity: Understanding of advanced IAM configurations and role-based access controls.
• Advanced understanding of enterprise IT Cybersecurity operational environment.
• Understanding of the latest security principles, techniques, and protocols.
• Clear thinking and ability to deal with escalations effectively.
• Knowledge of database and operating system security.
• Knowledge of web servers, operating systems, and network protocols.
• Excellent verbal and written communication skills.
• Ability to triage and escalate effectively.

Specific knowledge and skills for the role of Operational Engineers Level 2- Network Security:

The following are critical skills required to be successful in this role:

• Configuring and administering firewalls (such as Palo Alto Networks, Fortinet, and Cisco ASA) to regulate and monitor incoming and outgoing network traffic and ensure network security policies are followed is a skill that requires proficiency.
• Intrusion Prevention Systems (IPS): Capacity to implement and oversee IPS procedures to identify and avert network security risks. In order to do this, network traffic must be configured, watched over, and analysed for potential risks.
• Virtual Private Networks (VPNs): Expertise in establishing and managing VPNs using encryption and authentication techniques to safely link remote users or offices to the network.
• Configuring and managing proxy servers: Expertise in establishing and adjusting forward proxy servers, with a thorough awareness of the different parameters, guidelines, and regulations that are involved.