Send me more jobs like this
Get Email Alerts
Job Summary
- Facilitate the incident management process to ensure successful integration with the other areas in Mobily security.
- Perform investigation and escalation for complex or high severity security threats or incidents.
- Coordinate evidence/data gathering and documentation and review security incident reports.
- Manage security incidents from identification through remediation; receive, document, and report cyber security events.
- Categorize incidents and implement corresponding escalation procedures, Communicate and coordinate incident response efforts
- Perform intrusion scope and root cause analyses, assist intrusion remediation and strategy implementation.
- Conduct daily operational update meetings for SOC staff and unscheduled situational update briefings for management
- Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
- Recommend effective process changes to enhance defense and response procedures.
- Coordinate with IT and Network Operations to resolve high or critical severity level incidents
- Analyze compromised/potentially compromised systems and participate in incident response
- Monitor and audit malicious activity observed by or reported to the SOC.
- Perform other duties as required by higher levels of supervision.
Skills
- Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT) or Computer Incident Response Team (CIRT)
- Must have experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also required – preferably at least one year’s hands on experience with ArchSight
- Must have experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment
- Strong technical understanding of network fundamentals and common Internet protocols.
- System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
- Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
- Experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating email borne threats such as spam and phishing.
- Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)
- Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)
- Advanced knowledge of malware operation and indicators (Wireshark, Gigastor, Netwitness, etc.)
Education
Information Systems, Computer Science, or related engineering discipline.
Mobily is a Saudi company and the commercial name for Etihad Etisalat Co. It is pioneer in the Telecom & Information Technology sector in Saudi Arabia which launched its business on 25th, May, 2005 and became the fastest growing companies in the world and its brand has become one of the strongest brands in the world Telecom sector.
Mobily continued its leadership strategy to stay an inspiring source in redefining concepts and sustain the competition change by being one of the major pioneer companies locally, regionally, and internationally. Its leadership sustainability transformed the social responsibility concepts in the Kingdom dramatically.
Visit Website