SOC Analyst
  • United Arab Emirates Sharjah
  • Dawaam
1 year ago
31.12.2023
Protect and Defend
Incident Response
Job Description

About the job
Company A large multinational Oil and Gas firm based in Sharjah

Position Title SOC Analyst

Direct Supervisor Manager, IT Security

Department Information Technology

Job Location Sharjah

Major Functions

Job Summary and Scope of Responsibilities

Evaluate and respond to information security alerts and incidents.

Primary Duties And Responsibilities

ESSENTIAL FUNCTIONS

Evaluate and analyze security incidents and alerts generated by the SOC and/or MSSP.
Liaise with different internal IT teams to ensure timely response to incidents and alerts.
Ensure the different SLAs for incidents and alerts are met.
Support the SOC and/or MSSP in analysing and investigating security incidents and identifying root causes.
Maintain and distribute reports on incidents and SLAs met.
Work with stakeholders to resolve security incidents and vulnerability compliance.
Monitor health of security sensors like EDR, SIEM etc.
Periodically communicate security announcements and updates to end-users.
Keep up to date with security trends, threats and control measures.
Coordinate tasks as directed by the supervisor to assist in improving the security of IT systems.

Minimum Educational, Technical Qualifications/Certifications Required

Bachelor’s degree in Computer Science or Information Technology. Technical knowledge of networking concepts and network infrastructure. Technical knowledge of cybersecurity concepts and SIEM technologies. Solid understanding of network and computer security, security testing, and software security.
Certifications required: CISSP and/or CEH.
Familiar with penetration and vulnerability testing. Familiar with antivirus, firewall, and IDS/IPS protocols.

Minimum Professional Experience Required

Minimum 2 years of SOC L2 experience.

Competencies/Knowledge, Skills And Abilities

Core Competencies

Technical and analytical skills
Excellent communication, written and verbal skills in English
Excellent inter-personal skills
Willingness to learn new technologies
Problem resolution skills
Strong analytical, critical observation skills

Behavioral Competencies

Ability to work independently as well as collaboratively
Ability to prioritize and multi-task
Alertness and attention to detail
Ability to work in a fast-paced environment
Ability to work with individuals from different backgrounds
Good reasoning and sound judgment abilities

Functional Competencies

Technical knowledge of cybersecurity and incident response.
Working knowledge of SIEM and other security technologies.
Working knowledge of vulnerability assessment tools.
Working knowledge of standard networking protocols.
Experience with Windows and Unix platforms.

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0041   Knowledge of incident categories, incident responses, and timelines for responses.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0058   Knowledge of network traffic analysis methods.
  • K0062   Knowledge of packet-level analysis.
  • K0157   Knowledge of cyber defense and information security policies, procedures, and regulations.
  • K0167   Knowledge of system administration, network, and operating system hardening techniques.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0221   Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
  • K0259   Knowledge of malware analysis concepts and methodologies.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Required Skills
  • S0003   Skill of identifying, capturing, containing, and reporting malware.
  • S0077   Skill in securing network communications.
  • S0173   Skill in using security event correlation tools.

Required Abilities