Senior Analyst - Security Operation Center (SOC)

Job Summary

The Senior SOC analyst will be responsible of analyzing and investigating security related logs against security threats and defined IoC’s. HE/She will conduct Threat hunting activities to identify security threats and IoC’s and recommend action plan to minimize the impact of the threat. Develop and write reports that analyze the Threat and IoC’s with impact and recommended actions.

Roles & Responsibilities:

• Manage day to day activity of the Security Analyst teams / Members providing supervision and review of the Analysts output
• Report to the SOC Operations Manager and communicate in both verbal and written reports of team activates
• Ensure timely accurate communications of alerts to internal and external teams regarding intrusions and compromises to On-boarded Entity network infrastructure, applications and operating systems
• Assist On-boarded Entity response teams with the implementation of counter-measures or mitigating controls
• Make recommendations to improve operational effectiveness and efficiency within SOC Operations
• Lead SOC analyst teams / member’s activities
• Monitor and analyse Advanced Threat events, Security Incident and Event Management (SIEM) toolsets and event logs to identify security indicator of compromise, attacks and threats for remediation and / or suppression
• Assist in Computer Security Incident Response activities for large organisations; work with first, second & third line security analysts (internal and external) to identify various malicious threats in an enterprise environment
• Where necessary, ensure incidents are appropriately generated, prioritised in line with defined criteria and dispatch incidents to the relevant On-boarded Entity or incident response team
• Review attack information in preparation for release to or onward review
• Recognise potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information

Educational Qualification:

University degree in Computer Science/ Information Technology from a recognized university

Primary Skills:

• GCIH
• SSCP
• CISSP
• CEH

Secondary Skills:

• GIAC/ GCIH
• +8 Years in Security / +4 years in SOC Operations

Experience:

• +5 years’ experience in an analytical role of either network forensics analyst, Threat Analyst or security engineer/ consultant
• +4 years’ experience in Investigative or Incident Response environments
• Excellent knowledge of Computer Networking and IT Security
• Excellent knowledge of common operating systems (e.g. Windows, Linux and Unix)
• Excellent knowledge of Security analytics and log management
• Good knowledge of Log and Data analytics solution elasticsearsh or similar
• Good oral and written communication in English (with Arabic an advantage)
• Excellent knowledge of security solutions and technologies, including: Linux, Network architecture/implementation/configuration experience and knowledge of packet flow/TCP/UDP traffic Firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (Gateway and SaaS) Malware/security experience
• Strong Network Troubleshooting skills
• Demonstrated ability to make decisions on remediation and counter measures for challenging information security threats
• Expertise in analysis of TCIP/IP network communication protocols
• Good report Writing skills
• Advanced experience in SIEM toolsets operations and management
• Monitoring and collecting information on security incidents from large organisations
• Leadership of multiple technical teams
• Working on a shift structure as part of a 24/7/365 service delivery environment

Behavioral Skills:

• Decision making and risk management
• Customer orientation
• Team work and leadership
• Professional development
• Problem solving
• Process excellence
• Results orientation and execution excellence