Security Analyst
  • United Arab Emirates Abu Dhabi
  • G42
Posted 31.01.2024 (about 1 year ago)
Analyze
Threat Analysis
Job Description

Overview

G42 Cloud is building the MENA region’s largest and most powerful cloud infrastructure designed to make organizations more intuitive, agile and efficient and to solve real-world challenges. G42 Cloud’s world-class infrastructure is built to serve governments, special industries and enterprises of all sizes and leverages the power of artificial intelligence (AI) to deliver superior performance.

G42 Cloud operates its cloud platform end-to-end, having built best-in-class intelligent Data Centre facilities. G42 Cloud has also deployed thousands of AI enabled GPUs, one of the largest deployments in the world, allowing its engineers to develop and deploy machine learning solutions directly to their customers.

Role

As a Security Analyst (Tier 1), you will be responsible for monitoring in-house and client security alerts and incidents while working shifts.

Primary responsibilities include monitoring the SIEM platform and triaging alerts as part of a 24/7 service staffed in (8+1)-hour shifts, participating in threat-actor based investigations, suggesting new detection methodologies, and providing expert support to the alerting, incident response and monitoring functions.

Day-to-day operations involve SIEM monitoring, various reporting duties and security incident handling.

Responsibilities

Coordinating and conducting event collection, log management, event management, compliance automation and identity monitoring activities using SIEM technologies.
Investigate incidents using SIEM and big-data technologies, packet captures, reports, data visualization and pattern analysis.
Ensure all incidents are handled within SLA and before the end of the shift.
Detect, identify and provide first-level incident handling of possible attacks/intrusions, anomalous activities and misuse, and distinguish these incidents and events from non-malicious activity.
Effectively monitor the health of the various log sources and report missing sources to the engineering teams.
Monitor SIEM and SOC tools to identify potential performance problems, data loss and misconfigurations in SOC infrastructure, including in the cloud.
Monitor external data sources (e.g., threat feeds) to maintain up-to-date threat conditions and determine the scope of impact of any incident on the organization.
Perform vulnerability scans, review the scan results and support the creation of remediation actions.
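Two of the responsibilities above (first-level detection of attacks such as brute force, and log-source health monitoring) are shown below as an added, stand-alone example; it is not code from G42 or from the posting. It parses constructed sshd-style log lines with a regular expression, flags a source IP with five or more failed logins inside a five-minute window (and whether a successful login followed the burst), and reports expected hosts that have gone silent for longer than a chosen gap. The host names, IPs, thresholds and the `SAMPLE_LOGS` data are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real G42 data): sshd auth lines from two hosts.
SAMPLE_LOGS = """\
2024-01-31T09:00:01Z web-01 sshd[1201]: Failed password for root from 203.0.113.45 port 51022 ssh2
2024-01-31T09:00:03Z web-01 sshd[1203]: Failed password for root from 203.0.113.45 port 51024 ssh2
2024-01-31T09:00:05Z web-01 sshd[1205]: Failed password for admin from 203.0.113.45 port 51030 ssh2
2024-01-31T09:00:07Z web-01 sshd[1207]: Failed password for root from 203.0.113.45 port 51031 ssh2
2024-01-31T09:00:09Z web-01 sshd[1209]: Failed password for root from 203.0.113.45 port 51033 ssh2
2024-01-31T09:00:11Z web-01 sshd[1211]: Accepted password for root from 203.0.113.45 port 51035 ssh2
2024-01-31T09:02:00Z web-01 sshd[1300]: Failed password for alice from 198.51.100.7 port 40001 ssh2
2024-01-31T09:10:00Z web-01 sshd[1301]: Accepted publickey for alice from 198.51.100.7 port 40002 ssh2
2024-01-31T08:30:00Z db-01 sshd[800]: Accepted publickey for dba from 10.0.0.12 port 33000 ssh2
"""

# Regex for the sshd line shape used above; "invalid user" is optional so
# attempts against non-existent accounts are still captured.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)


def parse(lines):
    """Turn raw log lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = datetime.strptime(d["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(d)
    return events


def detect_brute_force(events, threshold=5, window=timedelta(minutes=5)):
    """Flag (host, src) pairs with >= threshold failures inside a sliding window.

    success_after tells the analyst whether a login was accepted from the same
    source at or after the last failure of the burst, i.e. the attack may have worked."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_src[(e["host"], e["src"])].append(e)
    alerts = []
    for (host, src), evs in by_src.items():
        fails = [e["ts"] for e in evs if e["result"] == "Failed"]
        for i in range(len(fails)):
            j = i
            while j < len(fails) and fails[j] - fails[i] <= window:
                j += 1
            if j - i >= threshold:
                last_fail = fails[j - 1]
                success = any(e["result"] == "Accepted" and e["ts"] >= last_fail for e in evs)
                alerts.append({"host": host, "src": src, "failures": j - i,
                               "success_after": success})
                break  # one alert per source is enough for first-level triage
    return alerts


def silent_sources(events, expected_hosts, now, max_gap=timedelta(minutes=30)):
    """Log-source health: expected hosts with no event within max_gap of `now`."""
    last_seen = {}
    for e in events:
        last_seen[e["host"]] = max(last_seen.get(e["host"], e["ts"]), e["ts"])
    return sorted(h for h in expected_hosts
                  if h not in last_seen or now - last_seen[h] > max_gap)


def demo():
    """Run both checks over the constructed sample and return the findings."""
    events = parse(SAMPLE_LOGS.splitlines())
    now = datetime(2024, 1, 31, 9, 10)  # constructed "current" time for the health check
    return {
        "events": len(events),
        "alerts": detect_brute_force(events),
        "silent": silent_sources(events, {"web-01", "db-01", "app-01"}, now),
    }


if __name__ == "__main__":
    print(demo())
```

In a real SOC the threshold and window would be tuned per log source, and the `success_after` flag is what separates a noisy scanner from an incident that needs escalation before end of shift; the silent-source check is the kind of evidence an analyst would attach when reporting a missing source to engineering.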

Qualifications

To qualify, you must have

2+ years of related experience in information technology and/or information security preferred.
Experience with data analysis and centralized logging (Splunk, QRadar, ELK, Kafka, rsyslog, etc.).
Scripting and development skills (Bash, Perl, Python or Java) with strong knowledge of regular expressions.
Capability to develop use cases or additional detection capabilities in the SIEM query language, and an understanding of incident response.
Skill in analyzing large data sets and unstructured data, manually or using tools, to identify trends and anomalies indicative of malicious activity.
Linux incident handling skills would be ideal.
Knowledge of current security threats, techniques and landscape, and a dedicated desire to research the current information security landscape.
Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization and container technologies, databases, and web servers.

What we look for:

If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the G42 community.

What working at G42 offers:

Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.

Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.

Work-Life: A hybrid work policy to strike the perfect balance between office and home.

Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.

About G42

G42 is a global leader in creating visionary artificial intelligence for a better tomorrow. Born in Abu Dhabi and operating across the world, G42 champions AI as a powerful force for good. Its people are constantly reimagining what technology can do, applying advanced thinking and innovation to accelerate progress and tackle society’s most pressing problems.

G42 is driving change in the region and beyond, joining forces with nations, corporations and individuals to create the infrastructure for tomorrow’s world. From molecular medicine to space travel and everything in between, G42 realizes exponential possibilities, today.

To confidently demonstrate that you meet the criteria above, please contact us.

G42 is the force that gets you further. Join us.


Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0058   Knowledge of network traffic analysis methods.
  • K0362   Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
  • K0405   Knowledge of current computer-based intrusion sets.
  • K0471   Knowledge of Internet network addressing (IP addresses, classless inter-domain routing, TCP/UDP port numbering).
  • K0604   Knowledge of threat and/or target systems.
  • K0612   Knowledge of what constitutes a “threat” to a network.

Required Skills
  • S0218   Skill in evaluating information for reliability, validity, and relevance.
  • S0228   Skill in identifying critical target elements, to include critical target elements for the cyber domain.
  • S0256   Skill in providing understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
  • S0288   Skill in using multiple analytic tools, databases, and techniques (e.g., Analyst’s Notebook, A-Space, Anchory, M3, divergent/convergent thinking, link charts, matrices, etc.).

Required Abilities
  • A0066  Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • A0084  Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high quality, fused targeting/intelligence products.
  • A0102  Ability to recognize and mitigate deception in reporting and analysis.
  • A0107  Ability to think like threat actors.