IT Security conducting L2 Support
  • United Arab Emirates Abu Dhabi
  • Sundus
31.01.2024
Protect and Defend
Cyber Defense Infrastructure Support
Job Description

Job Role - IT security conducting L2 support

Job Description
• Candidate should have over five years of experience in a Security Operations Centre.
• Experienced in SIEM tools and other security applications such as Forcepoint, Nexpose, Palo Alto, Citrix and Cloudflare.
• Expertise in Cloud Security Operations (AWS).
• Performing incident analysis based on triggered correlated alerts, alarms, and raw events.
• Providing recommendations to the concerned teams to resolve the incident and following up with them.
• Use-case fine-tuning and new use-case development according to the latest threat landscape and security best practices.
• Creating reports and dashboards to monitor incidents and IT Security use cases.
• Real-time monitoring of and response to additional alarms and vulnerabilities.
Technical Expertise
• SIEM solutions handling: QRadar and Splunk
• Rapid7 Nexpose technology expertise
• ManageEngine ADAudit technology expertise
• Forcepoint Email and Proxy technology expertise
• AWS Security Operations expertise
• Palo Alto technology expertise
• CCNP and CCNA certification
• Office 365 Security onboarding technology expertise



Required Knowledge
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0044   Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services.
  • K0334   Knowledge of network traffic analysis (tools, methodologies, processes).

Required Skills
  • S0053   Skill in tuning sensors.
  • S0054   Skill in using incident handling methodologies.
  • S0077   Skill in securing network communications.
  • S0079   Skill in protecting a network against malware (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters).
  • S0124   Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and working through to resolution.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).