Senior Security Engineer
  • United Arab Emirates Dubai
  • Help AG
1 year before
31.01.2024
Protect and Defend
Cyber Defense Analysis
Job Description:

The Senior Security Engineer is responsible for administering and managing security technologies and/or services such as EDR, NDR, Nessus, MVA (Managed Vulnerability Assessment), and Palo Alto and Fortinet firewalls. The Engineer will be responsible for creating procedures, developing and implementing processes, and maintaining security systems across the client environment. The Engineer will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, other Security Engineers, and clients to deliver high-profile, critical services to existing Managed Security Service clients.

This position will be based in Dubai, UAE and will be responsible for the administration, maintenance, and integration of NDR, EDR and Tenable (for vulnerability assessments) security platforms, as well as technical analysis, assessment, and recommendations in the areas of real-time security, operational network and identity management systems, and application systems security monitoring.

Responsibilities:

• Handle the implementation, deployment and support of Nessus scan engines, Tenable Security Center and peripherals together with Engineering, SOC, TIU, and IR.
• Maintain local and network credentials and Tenable Security Center, and provision access to vulnerability scanning systems.
• Integrate Nessus/TSC with other security and IT systems management tools.
• Document vulnerabilities and work on vulnerability mitigation within the agreed SLA.
• Manage EDR sensors, including deployment, operation, management, maintenance, updates, upgrades, patching, and administration.
• Create detection syntax (queries and rules) to identify indicators of compromise (IOCs) and the malicious behavior of new threats.
• Hands-on experience writing queries in EDR and NDR platforms to search for the desired events.
• Assess customer needs and expectations, design solutions to meet those needs, and then implement the design.
• Quickly build and solve a problem using a new technology to determine viability.
• Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking them through to resolution.
• Administration and management of Firewall, WAF, and Proxy technologies.
• Incident analysis, investigation, and resolution for security technologies.
• Ticketing and follow-up with different stakeholders for resolution.
• Configuration backup and restoration.
• Availability and performance monitoring.
• Daily/weekly/monthly service reporting as applicable.
• Vendor coordination and problem resolution.
• License usage monitoring and reporting.
• Patch/software upgrades.

Qualifications & Skills:

• 8+ years of working experience managing and administering security solutions in a large enterprise.
• Minimum 5 years of proven experience supporting and maintaining Nessus MVA, NGFWs, EDR, NDR, and Web Proxy.
• Professional experience working with networks and network architecture.
• College degree or equivalent training, with experience working in Device Managed Services or a client network environment.
• Practical hands-on experience in EDR (Carbon Black), NDR, and Microsoft Azure.
• Splunk, Azure Log Analytics, or equivalent big data engine experience.
• Experience with MS Azure Information Protection and related technologies, including solution architecture, deployment, management, and support in a large global enterprise.
• Azure, managed vulnerability (Nessus/Tenable), EDR, NDR and next-gen firewall security certifications are good to have.
• Knowledge of Linux and Windows operating systems.
• Experience with various other SIEM security products such as Splunk, ArcSight, Nitro, or LogRhythm, and infrastructure components such as proxies, firewalls, IDS/IPS, and DLP.
• Experience working with clients in a service delivery function.
• Shift flexibility, including the ability to provide after-hours support when needed.
• Experience working with internal and client ticketing and knowledge base systems for Incident and Problem tracking, as well as procedures.

Benefits:

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaign activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us:

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge. Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.

With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Required Knowledge
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0013   Knowledge of cyber defense and vulnerability assessment tools and their capabilities.
  • K0040   Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
  • K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0106   Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
  • K0107   Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations.
  • K0324   Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
  • K0339   Knowledge of how to use network analysis tools to identify vulnerabilities.

Required Skills
  • S0025   Skill in detecting host and network based intrusions via intrusion detection technologies (e.g., Snort).
  • S0036   Skill in evaluating the adequacy of security designs.
  • S0054   Skill in using incident handling methodologies.
  • S0078   Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • S0167   Skill in recognizing vulnerabilities in security systems (e.g., vulnerability and compliance scanning).
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.