30 Nov, 2022

Cybersecurity Operations Center (CSOC) Senior Analysts

  • Nair Systems
  • Qatar
Full time Information Technology

Job Description

Nair Systems is currently looking for Cybersecurity Operations Center (CSOC) Senior Analysts for our Qatar operations with the following skill sets and terms & conditions.

Minimum Qualifications

•Degree in Computer Engineering / MCA

•Should have SIEM – Splunk Certification, CEH and other equivalent Cyber Security Certification

•10 or more years of experience in Cyber Security using SIEM, Endpoints, DLAP, Python Scripting, troubleshooting, monitoring and management

•5 or more years prior work experience in a CSOC environment focused on event collection and analysis

Must have

•Strong understanding of security operations concepts – perimeter defense, insider threat, kill chain analysis, threat hunting, security metrics, MITRE ATT&CK framework

•Hands-on experience in SIEM administration and building use cases, with working knowledge of regular expressions (regex/regexp) and the MITRE Framework

•Good understanding of Information Security principles, accepted practices and guidelines such as ISO 27001, PCI-DSS, NIST, SABSA, COBIT, CIS, and OWASP

•Expert knowledge in collecting and analyzing Netflow & Firewall logs, IPS logs, OS security logs, PCAP, etc.

•Subject matter expertise in threat management, security incident event management, incident response and handling, root cause analysis and online research / self-study

•Experience in stakeholder engagement with excellent written and verbal communication skills

•Can work effectively in a team environment or autonomously

•Experience in APT detection, EPP/EDR, anti-malware, vulnerability scanning, DLP, and threat intelligence tools

•Flexible to work in shifts to cover 24x7x365 on-call operations; ability to work under high pressure

Job Description

•Creation of Use cases using MITRE framework, Dashboard and Reports

•Strong technical background on Network Security, SIEM – Use Case Creation, Dashboard and Reports

•Actively monitor system logs and network traffic for unusual activity and provide recommendations for remediation – to work as Escalation Engineer for CSOC

•Continuous monitoring and review of security events, reports, alerts and CSOC dashboards to identify anomalous patterns indicative of potential security incidents

•Responsible for timely and effective response to, and management of, incidents, events, notifications, calls and other activities related to CSOC including Root Cause Analysis

•Gather relevant information and provide actionable intelligence on potential cyber security threats and incidents

•Prepare CSOC reports (for presentation if needed) on daily, weekly and monthly KRIs

•Responsible for creation and fine-tuning of use-cases and alerts in the CSOC monitoring environment

•Perform regular health checks on all CSOC systems and tools and ensure that all hosts are monitored and required security event logs are being collected

•Take direction and guidance from InfoSec Management to build, support and update the CSOC playbooks/processes

•Render support for the administration and configuration of security controls such as SIEM, Anti-virus software, network security devices, PAM, DLP, Vulnerability Management, etc.

•Prepare security awareness messages, presentations and announcements for management, IT staff, and regular users

•Participate in regular cyber drills and CSOC exercises

•Identify and communicate daily all critical items requiring the attention of senior management and coordinate with relevant teams to provide necessary remediation action

•Perform exception reviews, due diligence activities and risk assessment when required

•Facilitate technology audit and control remediation activities to ensure items are closed in a timely manner

•Manage all documentation related to information security incidents

•Resolve technical security queries; research, investigate and provide control recommendations to address risk

Terms and conditions

Joining time frame: 2 weeks (maximum 1 month)

Should you be interested in this opportunity, please send your latest resume in MS Word format at the earliest at nishanthini.suda@nairsystems.com

Nationality

All Nationalities

Years of Experience

5

Required Languages

English
