Job Description
- Continuously monitoring local SOC tools for alerts and security incidents
- Classifying incidents into appropriate categories
- Taking actions based on incident severity, such as:
. Notifying client system owners
. Following the incident response plan
. Escalating incidents to the client security team according to the incident response escalation procedure
. Properly documenting incidents
- Documenting and reporting false positives
- Suggesting or implementing filtering tools to suppress recurring false positives.
- Resolving SOC tickets and ticket related issues
- Tracing attacks and gathering information about attackers
- Verifying logging and reporting of newly integrated devices
- Providing feedback for optimization and enhancement of device and/or backend signatures
- Creating or updating use cases for new systems and applications.
- Configuring & monitoring global threat feeds
- Monitoring the SOC dashboards
- Analyzing events and incidents that are reported by the SOC tools
- Conducting regular vulnerability scans against internal and Internet IP addresses
- Monitoring the level of system compliance to technical security standards
- Communicating with other units in IT during incident investigations
- Creating a weekly report and sharing it with the technical management. The report shall summarize the SOC activities, including security incidents and actions
- Creating a monthly report and sharing it with the executive management. The report shall summarize the major incidents that were handled by the SOC
- Calculating and reporting SOC effectiveness metrics
- Maintaining and operating the latest versions of the SOC tools
- Updating the SOC tools as necessary for changes to SOC processes and procedures
- Identifying, categorizing, prioritizing, and investigating correlated events collected from firewalls, network devices, web proxies, intrusion detection/prevention systems, antivirus systems, databases, etc.
- Monitoring the SOC trouble tickets and maintaining an acceptable number of open tickets at any point in time without jeopardizing the quality of how tickets are being handled
- Maintaining a record of all the activities conducted by the SOC. This shall at least include:
. Date and time of the activity
. Actions taken by the SOC analysts
. Communication with other MNG-HA personnel or external parties such as vendors and external consultants
. SOC analyst system login attempts
. SOC analyst check-in and check-out
- Conducting regular information security knowledge transfer sessions to the client team.
Skills
- The SOC resident engineer should have the following certifications:
. BSc or MSc in Cyber Security or relevant degree. (Must)
. Certified CompTIA CESAR
. Certified CCNA Cyber Ops
. Certified Ethical Hacker (CEH).
. Certified GIAC: Cyber Defense. (Certified Enterprise Defender)
. Certified GIAC: Incident Response and Forensics. (Network Forensic Analyst)
- The SOC resident engineer should have a minimum of 5 years of experience in the following roles:
. SOC engineer or equivalent
. Cyber Security Analyst 2
. Incident handler
. Vulnerability Management Assessor/Administrator
. SIEM Administrator
Job Details
Job Location: Jubail, Saudi Arabia
Company Industry: Information Technology
Company Type: Employer (Private Sector)
Job Role: Information Technology
Employment Type: Full Time
Monthly Salary: Unspecified
Number of Vacancies: 1
Preferred Candidate
Career Level: Mid Career
Years of Experience: Minimum: 5, Maximum: 7
Residence Location: Saudi Arabia
Degree: Bachelor's degree / Higher diploma
Education
Cyber Security or relevant degree
*** Apply on the following link ***
https://www.bayt.com/ar/saudi-arabia/jobs/security-resident-engineer-3924054/