Full Time

Security Operation Center

A Security Analyst is a member of the SOC team who monitors security events generated by security systems or platforms and investigates those events to determine any potential threats to the customer's environment. The analyst also handles all incident escalations from the customer and supports them by providing root cause analysis reports and recommendations.
Essential Duties and Role Responsibilities (including but not limited to)
The Security Analyst will apply technical expertise and polite, professional etiquette while performing the following duties:

Ability to detect and resolve problems that threaten people, processes, technology and facilities.
Resolve incidents through an appropriate reaction to, and containment of, the problem; this constitutes security incident response.
Review and analyze external threat intelligence feeds from industry, open source and security partners.
Follow the incident management processes and improve the monitoring, notification, triage and escalation processes.
Perform proactive risk mitigation and analysis of emerging threats and their relevance to the organization.
Operationalize threat detection and threat response based on intelligence feeds.
Provide actionable findings to the respective resolution teams.
Create hypotheses for hunts and hunt missions.
Test hypotheses and identify patterns.

Bachelor’s degree or above in Computer Science, Information Technology or related disciplines.
5 to 12 years of experience in a SOC.

Necessary Skills and Abilities
Skill Set: Security Operations Centre (SOC), Cyber Security, SIEM, ArcSight/Splunk, Threat Hunting, Threat Analysis, Cyber Kill Chain, TCP/IP knowledge, Network Packet Analysis.
Responsible for the design, implementation and administration of SIEM platforms (Splunk, ArcSight) and for setting up security operations support from the global security operations center, including operations support, installation, configuration and management using the SIEM product/tool.
Ensure timely response to any cyber incident to minimize risk exposure and production downtime.
Safely acquire and preserve the integrity of cyber security data required for incident analysis, to help determine the technical/operational impact, root cause(s), scope and nature of the incident.
Detect emerging threats based on analysis, data feeds and sources (internal and external intelligence sources).
Engage with IT functions to ensure alerts are actioned appropriately and in a timely manner.
Work within the team and the wider Information Security group to build new tools for intelligence gathering.
Build and maintain senior management dashboards to provide a clear understanding of team activities and the threat landscape.
Conduct active cyber threat hunting and provide recommendations to optimize cyber security based on threat hunting discoveries.
Review asset discovery and vulnerability assessment data. Explore ways to identify stealthy threats that may have entered the network undetected, using the latest threat intelligence.
Familiarity with penetration testing tools (e.g. Nessus/Metasploit).
Analyse and correlate incident data to develop a preliminary root cause and a corresponding remediation strategy.

Network security architecture and design
Routers and access control devices
TCP/IP networking
Firewalls, IDS/IPS and Policy Design & Management
Experience with SIEM tools (Splunk, ArcSight, etc.), Wireshark or other analytics tools is a plus
Hands on Experience with Endpoint security products
Any relevant IT or security certifications including CISSP, CISM, CRISC, CEH or SANS certs expected

Desired experience:
5+ to 12+ years of information security or networking experience
Excellent customer service skills
Excellent analytical thinking and problem-solving skills
Strong communication skills
Self-managed and team-oriented
Deadline- and detail-oriented
Highly motivated

Job Features

Job Category: Information Technology (IT)
Job Level: Experienced - Non Managerial
Location: Cairo, Egypt
