Senior CSOC Consultant

Help AG is looking for an experienced Senior CSOC consultant in the Cyber Security Operations Centre the role will contribute to the effective operation of the CSOC, ensuring the protection of the organization's assets. The role will proactively identify threats and risks, implement detection and response processes within the CSOC and perform Cyber security incident investigations. The role is expected to coordinate with ITD Stakeholders to ensure smooth operation of CSOC's supporting technologies, demonstrate deep understanding of cyber threats, proactive identify, monitor and respond to potential risk events.

Responsibilities

• Build effective relations within ITD to ensure the effective delivery of CSOC services and response to events.
• Promote awareness and support the implementation of appropriate controls and processes.
• Support relationships with the Managed Security Service Provider, working closely to ensure adequate coverage and mutual understanding of security needs and expectations.
• Operate and maintain the CSOC technology stack.
• Execution of CSOC event and incident investigation processes to detect and analyze malicious activity, ensuring timely identification and response to security threats.
• Support the identification and implementation of security monitoring use cases based on the cyber threats as identified by threat modelling, threat intelligence and environmental factors.
• Draft, maintain and improve playbooks and incident response plans aligned with monitoring use cases.
• Design, implement and oversee the deployment of automated actions to ensure prompt containment and response measures are effectively executed.
• Design, implement and execute vulnerability and compliance management activities, including stakeholder reporting.
• Provide reporting and metrics in support of IT Security, CSOC, Vulnerability Management and Compliance management requirements.
• Provide constructive feedback to IT Security regarding identified control and monitoring gaps to improve security posture.
• Enable reporting and monitoring to ensure that all applications/products/services being implemented are in accordance with security specifications.
• Review MSSP activities to ensure adherence to the Statement of Work and Service Level Agreements, ensuring contractual obligations are met.
• Support on the development of the Cyber-Security Operations Centre Roadmap and the execution of tasks and activities to implement required capabilities as per the roadmap.
• Provide technical support and foster an environment of collaboration, commitment, and team spirit.
• Review the design quality of others to ensure adherence to standards and identify corrective action, if needed.
• Support team members in line with the mission, vision, values, goals, and performance standards and ITD.
• Foster an environment of collaboration, commitment, and team spirit. Inspire, motivate, and guide junior team members.
• Run training sessions for other members of the team, transferring knowledge across the domain.
• Keep abreast of market conditions.
• Analyze risks, escalate issues, and report breaches of police, as necessary.
• Serve as a role model by consistently adhering to all policies and procedures.

Qualifications & Skills 

• Minimum 5 - 7 years relevant experience working within a security organization of a financial institution or other highly regulated company.
• Relevant Information Security certifications, education, or training e.g.: CISSP, CCSP, CISA, CISM, OSCP, SANS, etc.
• Bachelor’s Degree is required.
• Development experience or knowledge of common programming languages.
• Expertise implementing and operating SIEMs, Security Analytics, Endpoint Detection and Response tooling.
• Expertise in SIEM use case, playbook development etc.
• Proven experience in cyber security event and incident investigations.
• Experience in a CSOC Tier 3 role.
• Proven experience in managing CSOC, Vulnerability and Compliance Management technologies.
• Exposure to machine learning, artificial intelligence, data science in a cyber security context
• Demonstrates adaptability to change.
  
• Skilled in collaborating and leveraging teamwork to drive necessary changes.
• Capable of balancing long-term and short-term impacts of decisions.
• Proficient in conflict resolution.
• Possesses excellent interpersonal skills, including collaboration, facilitation, and negotiation.
• Exhibits outstanding written and verbal communication skills.
• Shows exceptional planning and organizational abilities.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Annual flight tickets to home country.
• Inclusive and diverse working environment.
• Flexible/hybrid working environment.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.