30 Nov, 2022

L3 SOC Analyst

  • Nair Systems
  • Qatar
Full time Information Technology

Job Description

Nair Systems is currently looking for an L3 SOC Analyst for our Qatar operations with the following skill sets and terms & conditions.

Qualifications and Experience

You are our ideal candidate if you have:

  • Relevant college or university qualification to bachelor's level
  • 8 - 15 years of relevant experience
  • Teamwork and good communication skills
  • Good understanding of change and patch management
  • Security monitoring and operations capabilities
  • Incident handling, forensic analysis and evidence handling capabilities
  • Identity and access governance and management technical capabilities
  • Experience with cyber security frameworks such as ISO27001, NIA, QCF2022

Good to have any field-related certifications from:

  • SANS/GIAC
  • Offensive Security
  • EC-Council
  • eLearnSecurity
  • ISC2
  • Microsoft
  • Cisco

Required skills:

Security Monitoring

  • Performs network security monitoring and incident response for numerous clients.
  • Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
  • Closely involved in developing, tuning and implementing threat detection analytics, security sensors and SOC infrastructure.
  • Monitors and analyzes Intrusion Detection Systems (IDS) and Security Information and Event Management (SIEM) to identify security issues for remediation.
  • Creates, modifies, and updates Security Information and Event Management (SIEM) rules.
  • Recognizes potential, successful and unsuccessful intrusion attempts and compromises through thorough reviews and analyses of relevant event detail and summary information.
  • Communicates alerts to clients regarding intrusions and compromises to their network infrastructure, applications, and operating systems.
  • Prepares briefings and reports of analysis methodology and results.
  • Creates and maintains standard operating procedures and other similar documentation.
  • SIEM monitoring and threat hunting.

Incident Response

  • Perform incident analysis by correlating data from various sources.
  • Lead incident response engagements and guide through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations.
  • Investigate data breaches and malicious activity leveraging forensics tools; analyze various systems to identify Indicators of Compromise (IOCs); examine firewall, web, database, and other log sources to identify evidence of malicious activity.
  • Track emerging security practices and contribute to building internal processes and our various products.
  • Stay abreast of the current regulatory environment, industry trends and related implications.
  • Possess knowledge of network forensics, endpoint forensics and threat intelligence, as well as the functioning of applications and the underlying IT infrastructure.
  • Competent to create custom signatures/rules for the detection and prevention technologies being used in the organization.
  • Ability to create customized scripts for automation as well as for analysis.
  • Advise on remediation.
  • Perform incident coordination and response.

Digital Forensics

  • Performing digital forensics on endpoints and servers to determine the root cause of an incident.
  • Conducting large-scale digital forensics evidence gathering.
  • Memory and disk forensics experience.
  • Experience writing technical reports detailing the results of analysis.
  • Experience with EnCase, FTK, X-Ways, Axiom, Forensic Explorer, Cellebrite and other forensic tools.
  • Experience identifying and analyzing malware.

Malware Analysis

  • Should be able to perform malware analysis for PE and non-PE files.
  • Should have good experience in static analysis.
  • Knowledge of the security/threat landscape for Windows / Linux platforms.
  • Strong knowledge of Windows / Linux operating system internals and modern security problems.
  • Excellent analytical skills and ability to identify patterns and trends.
  • Strong research skills, data knowledge, and ability to analyze and present complex data in a meaningful way.
  • Good communication skills and an eye for detail.
  • Able to perform well under stress, particularly in critical response situations.
  • Strong understanding of cyber security, modern security problems and the threat landscape, operating system internals, and computer networking concepts.
  • Strong understanding of computer security and/or the threat landscape.
  • Experience in analyzing large amounts of data.
  • Strong capabilities in Microsoft products like Office Excel, Word, and PowerPoint.
  • Knowledge and experience with malware behaviors or Advanced Persistent Threats (APTs) a plus.

Endpoint Security

  • Antivirus solution implementation and management, ensuring definitions are updated and agents are successfully connected and functional.
  • Device control protection.
  • Vulnerability management: scanning, prioritizing remediation, and following up with different teams to ensure vulnerabilities are remediated.
  • EDR solutions management, implementation, configuration and monitoring.
  • Understanding of operating systems, networking protocols, security and Internet environments.
  • Experience installing, configuring and integrating a security environment.
  • In-depth knowledge of TCP/IP, routing and host-based security technologies.
  • Experience using application firewalls, SIEM, IDS/IPS.
  • Application control.
  • Endpoint Detection and Response.

Network Security

  • Solid knowledge of the IT network security domains and corresponding solutions.
  • Capable of evaluating the cyber risks related to networks in the IT environment.
  • Knowledge of the TCP/IP stack, OSI model, network hierarchy models, security zones, VLANs, network access controls, Intranet/Extranet edge gateways, remote access, QoS, firewalls, configuring rules, routing & switching, ACLs, scripting etc.
  • Knowledge of SIEM, security event logging and monitoring technologies.
  • Awareness of network monitoring technology platforms.
  • DDoS prevention.
  • Intrusion Detection/Prevention.
  • Web/malware sandboxing.
  • Infrastructure and application vulnerability assessment.

Terms and conditions
Joining time frame: 2 weeks (maximum 1 month)


Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at nishanthini.suda@nairsystems.com

Nationality

All Nationalities

Years of Experience

6

Required Languages

English
