Job Description
Category: Security
Career Level: Experienced
Number of Vacancies: 1
Required Qualification: BCS, BS IT, MCS
Required Certification: CCNA, CCNP
Required Experience (years): 8
Salary Per Month: Negotiable
Allowances Offered:
Required Gender: Male
Last Date: 31-Oct-2022
Location: Dubai, UAE
Responsible for planning, design, deployment, and implementation of various SIEM solutions such as ArcSight, Azure Sentinel, Splunk, LogRhythm and QRadar on the desired workspace from scratch.
Liaise with peers in the IT Security team and other sections within the IT Division to resolve security incidents and vulnerabilities and to troubleshoot related network problems. Evaluate new and amended security packages, as assigned.
Review monitoring, use cases, relevant policies, processes and provide feedback to maintain the activities related to security incidents and vulnerability management.
Work as an L2/L3 resource for the SOC team, whose main tasks are SIEM administration, integration, troubleshooting and alert monitoring.
Hands-on experience with the ArcSight, Splunk, Azure Sentinel, LogRhythm and QRadar SIEMs; Palo Alto firewalls and the Panorama central management server; Kaspersky EDR; ManageEngine AD; and the F5 BIG-IP load balancer.
Develop, manage, optimize, and continuously improve processes to enhance the overall cyber threat intelligence function
Investigating the issues escalated by SOC L1/L2 Analysts.
Prepare incident handling and incident response documents for incident types such as phishing, DoS/DDoS, malware and DLP, and instruct team members to follow them strictly.
Good understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages.
Investigate IT security breaches and incidents to improve practices and processes for reducing the likelihood and impact of security-related incidents.
Architect SIEM systems and their core components in Sentinel.
Troubleshoot issues related to Azure Security monitoring.
Plan a maturity roadmap to manage day-to-day SOC activities.
Developing Reports/Workbooks/Analytic Rules/Automation Playbooks in Azure Sentinel.
Migrating on-prem servers to Cloud.
Monitor ingested data types and follow up whenever a source goes quiet.
Work on Azure Active Directory, Microsoft Defender for Cloud and Microsoft Defender for Endpoint.
Develop playbooks using Logic Apps to automate processes.
Perform entity behaviour analysis of suspected users in Sentinel, and run weekly system health checks using KQL queries.
Develop playbooks, each with a complete flowchart based on the incident response plan, so that in case of a breach an analyst can refer to the playbook and respond as the flowchart specifies.
Handle critical incidents from triage through artifact collection and, if required, perform forensic analysis in the lab environment.
End-to-end compromise assessment and investigation.
Provide an incident response plan that meets the SLA set by senior management.
Assist the project manager in project-related activities, especially in creating/reviewing the use cases, for any new/existing systems and co-ordinate with SOC team to add/update the use cases.
Design and implement the Security Operations Centre (SOC) and optimize enterprise security solutions and services. Develop and administer SOC processes and review their application to ensure that the SOC's controls, policies, and procedures are operating effectively.
Develop processes to strengthen the current security operations framework, ensuring SLA compliance, process adherence and process improvement to achieve operational objectives.
Co-ordinate changes (upgrades, enhancements, and configuration) to production and test environments related to IT Security assessment/monitoring systems as required. Follow change management processes to carry out the changes.
Suggest improvements in processes to enhance the first and second level support of IT Security monitoring and vulnerability assessment environment.
Build content in Azure Sentinel, LogRhythm, QRadar, Splunk and ArcSight: rules, filters, queries, query viewers, dashboards and data monitors for active real-time monitoring.
Proactively investigate and perform malware analysis to secure the infrastructure, and troubleshoot all threat events detected by Symantec and Kaspersky endpoint protection.
When a suspicious or critical alert or incident is raised in Kaspersky EDR, perform malware analysis on the application involved.
Use threat information to create security measures to assess vulnerabilities as well as mitigation strategies.
Analyze and report network forensic cases by extracting and reviewing logs from network devices.
Focus primarily on developing and automating in-house threat hunting and detection frameworks, substantially reducing the response time for incident investigations.
IPS/IDS Signature analysis (McAfee NSM and Sourcefire).
Enhance ArcSight Logger for monitoring activity by creating reports (SQL), dashboards, queries and automatic alert notifications.
Actively investigates the latest security vulnerabilities, advisories, incidents, and penetration techniques and notifies clients when appropriate.
Check the health of public portals, and manage database storage and security devices. Also work on F5 ASM, Kaspersky Antivirus and Sourcefire IPS, and handle IronPort and FireEye for email gateway security.
Assist and co-ordinate with the Security Incident Response Team (onsite projects team) during investigations.
Perform root cause analysis of events from different network devices for detailed investigation and, based on that, take the appropriate action and remedial steps.
Participating in the analysis of Information Security metrics (Tripwire, McAfee, etc.)
Maintain, modify, and enhance Information Security related systems, tests, evaluations, and risk assessments.
Ensure that tickets raised per shift are closed within SLA and, if not, escalate as per the defined escalation matrix.
Experience with network monitoring systems and packet capture systems for network analysis and troubleshooting.
Preparing the network and security checklist.
Manage the Cisco IronPort, Symantec and McAfee email gateways in line with the security policy standard.
Standard Responsibilities:
Implement all relevant section policies, processes, and procedures so that work is carried out in a controlled and consistent manner.
Execute the continuous improvement of systems, processes and practices considering ‘international leading practice’ and changes in business environment and leveraging insights. This includes supporting the related change management efforts.
Contribute to the preparation of timely and accurate reports to meet the section requirements, policies and standards.
Requirements:
Qualification: Bachelor’s degree in Cybersecurity, Computer Engineering, Computer Science, Enterprise/Information Technology, Information Systems or related field
Min. Experience: Minimum of 8+ years’ experience with IT Security Program/Project Management.
Job Location: Dubai, United Arab Emirates
Position Type : Full Time
Position Level : Senior Level
Essential Requirements:
Must have at least two of the following certifications:
SIEM: ArcSight (ESM & Logger), Splunk, LogRhythm, QRadar & Azure Sentinel
Cisco ASA and Palo Alto Firewalls
Kaspersky and Symantec (Endpoint Security)
Mail Gateway: IronPort & Symantec.
Kaspersky EDR
Forcepoint DLP
Manage Engine – AD Audit Plus
Proxy: Forcepoint and McAfee
F5 load balancer
Sourcefire (IPS)
Cisco ISE
Security+
CCNA/CCNP
Certified Ethical Hacker (CEH)
ITIL (Foundation)
Physical Exertion:
Minimal: Sitting and walking within the office 90% of working time.
Visiting sites for 10% of working time.
Skills
Planning, Automation, Operations, Audit
About Company
TMF Group, a global professional services firm, offers diverse career opportunities under TMF Careers. With a presence in over 80 countries, TMF provides expert solutions in accounting, tax, HR, payroll, and corporate secretarial services. TMF Careers caters to individuals seeking dynamic roles in finance, law, administration, and consulting. As part of TMF's vibrant team, professionals engage in challenging projects, fostering growth and development. Emphasizing a supportive work culture, TMF nurtures talent through training and mentorship programs. Join TMF Careers for a rewarding journey in a leading global organization, where innovation, collaboration, and excellence thrive.
Important dates & deadlines
Application Deadline
15 Nov 22, 12:00 AM IST