Security Incident Monitoring
1.Detect, classify, and report incidents to either escalate to the triage team or close the event to ensure the root cause of the incident.
2.Identify security risks and communicate escalations throughout the incidents per the Security Operations Center (SOC) processes.
3.Communicate directly with data asset owners and business response plan owners during high severity incidents to maintain the integrity of the Investigation.
4.Perform analysis of log files to investigate the events to identify the root cause of the incident.
5.Recommend tuning Security Information & Event Management (SIEM) filters and correlation rules to continuously improve monitoring and detection.
6.Create monitoring dashboards to ensure real time awareness of security.
7.Generate reports required for audit and compliance requirements and required SOC governance reports.
8.Participate in evaluating and recommending security solutions to ensure catering for logging and monitoring requirements in any system to fulfil SOC core objectives.
9.Monitor all log sources heart beat and report/investigate issues to ensure maintaining healthy logs to avoid any failure of data collection and impacting the core SOC monitoring function.
Qualifications & Experience:
Bachelor’s degree of Engineering, Computer Science or equivalent
Minimum 0 - 2 years of experience in cyber security and/or information technology (IT) security
Experience in analysing security logs
Proficiency with case management and ticketing systems interaction
Basic understanding of Information Security frameworks and best practices (e.g. PCI, ISO27K, NIST)
Recommended Certifications:
oSecurity+
oGIAC Information Security Fundamentals (GCIA)
Mandatory Certifications
oCertified Ethical Hacker (CEH)
Skills:
Very good command of English and Arabic languages
Good Communications skills
Good Analytical skills