Senior Cyber Security Operations Engineer I
at Careem Alexandria, Egypt Careem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has created earnings for over 2.5 million Captains, simplified the lives of over 70 million customers, and built a platform for the region’s best talent to thrive and for entrepreneurs to scale their businesses. Careem operates in over 70 cities across 10 countries, from Morocco to Pakistan.
What You will do
Responsible for the validation and analysis of investigations within Security Operations Center (SOC) Analyst Responsible for the monitoring, validation and analysis of investigations of events and alerts on AWS Cloud Infrastructure, SaaS applications and onprem infrastructure Provide expert analysis of Cloudtrail, CloudWatch, VPC Flow logs for event/incident analysis Guide and support automated security alerts and use cases in AWS cloud Carry out triage of incoming issues (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security or privacy data request) Proactively identify vulnerabilities across the entire infrastructure environments and suggest updating of SIEM use cases to generate alerts ‘On Call’ availability for rare ‘fire drill’ scenarios, for example on high-critical incident response scenarios, or emergent imminent widespread threats requiring urgent action Provide communication and escalation throughout the incident per the SOC guidelines. Identify and manage a wide range of intelligence sources to provide a holistic view of the threat landscape and filter out noise in order to focus and execute upon actionable intelligence Ensure that all security events and incidents (internal / external) are logged into Jira and regularly updated and closed within the set SLA’s Leading the development of actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, support teams with the technical implementation of parsing log sources creating, validating and testing alerting queries to reduce false positives
What you will need
Minimum 3+ years of operational experience preferred in security operations center, threat intelligence, insider threat operations, threat management, cyber security, information security or related functions. Bachelor's degree in Computer Science, Management Information Systems, Information Systems, or a related field/experience is required. Experience within financial services areas is preferred. Strong knowledge of Security Methodologies and Frameworks.
Experience
Experience in Highly available 24x7 Enterprise Operational Environment Familiarity with cloud architecture/infrastructure and general networking principles. Experience with virtualization technologies, especially with AWS services. Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture. System administration, configuration and patch management, zone security, firewall and IAM SOC / Pen-Tester / Purple Team / Threat Intelligence / Threat Hunting or similar background, or demonstrable experience through self study Proven success in working SOC function/team, including (but not limited to):
+ Experience maintaining metrics, reporting and SLAs
+ Security operations experience with operating systems, AWS cloud infrastructures
+ Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
+ Strong analytical skills and attention to detail
+ Experience around security processes and technologies
+ Ability to research, analyze, and resolve complex problems with minimal supervision and escalate issues as appropriate
+ Thorough documentation skills
+ Outstanding written and verbal communication skills
+ Must be a highly motivated individual with the ability to self-start, prioritize, and multi-task
What we’ll provide you
We offer colleagues the opportunity to drive impact in the region while they learn and grow. As a full time Careem colleague, you will be able to:
Work and learn from great minds by joining a community of inspiring colleagues. Put your passion to work in a purposeful organisation dedicated to creating impact in a region with a lot of untapped potential. Explore new opportunities to learn and grow every day.
Work 4 days a week in office & 1 day from home, and remotely from any country in the world for 30 days a year with unlimited vacation days per year.
(If you are in an individual contributor role in tech, you will have 2 office days a week and 3 to work from home.)* Access to healthcare benefits and fitness reimbursements for health activities including gym, health club, and training classes.
