الوصف الوظيفي
Threat Defense Operations & Incident Response Manager
Specialist Skills / Technical Knowledge Required for This Role:
• Knowledge of banking and financial processes and technologies/workflow
• Strong knowledge in information security processes, services, and systems
• Strong knowledge of threat hunting techniques, zero-day exploit activities, and malware identification
• Strong knowledge of network monitoring and network exploitation techniques
• Strong experience in Microsoft Sentinel architecture, administration, Use Case development and deployment. Kusto query language (KQL) experience is a must.
• Proven experience in assessing, designing, deploying, and operating SIEM platforms.
• Strong knowledge of SIEM configuration requirements and logic
• Knowledge of ISO 27001, NESA, PCI DSS, SWIFT and other security standards, and regulations
• Bachelor’s degree in computer science, Engineering, IT, or a related technical discipline
• Must be certified in at least three of the following certifications: Microsoft AZ-500, SC-200, SC-300, SC-100, EC-council CTIA, CSA, GCIA, GCIH, CISSP
Previous Experience:
• 7-9 years of experience in performing information security threat hunting and SIEM administration/Architecture in large international banks or financial institutions
• Experience with scripting/programming, exploitation techniques and use case development.
• Experience with common attack vectors and IOC datasets
• Experience with SIEM configuration logic development
• Proficient in Kusto query language (KQL) and experienced in developing use cases.
