الوصف الوظيفي
Cyber Security is one of the fastest growing areas of Client with significant growth plans through additional recruitment and acquisitions. The role requires working within a 24/7 SOC operational support environment incorporating a tiered Security support model across a range of Security support functions in Qatar.
Your primary objective will be too proactively monitor and hunt through customer environments to detect and respond to information security threats. You will help to protect an organization by employing a range of technologies and processes to prevent, detect and manage cyber threats. This can include protection of computers, data, networks and applications.
The Security Operations Analyst Level 3 role is tasked with evaluating SIEM (Security Incident Event Manager) related events flagged for review by established strategies. This evaluation is performed with various validation tools, understanding and application of computer security topics and malware infections, and identification of new techniques to make quick decisions with a high rate of accuracy. The person in this role will contribute to the strategic development of a new pilot program aimed at further enhancing the world class experience. The Security Operations Analyst Level 3 is expected to adhere to numerous Key Performance Indicators to ensure decisions are made balancing factors such as risk tolerance and customer experience.
المهارات
Forensic Investigation and handling is the key responsibility.
Profile Requirements
• Proposition of specific recommendations
• Forensic Investigation and handling.
• Creating and maintaining an incident response plan (IRP)
• Investigating and analyzing incidents
• Managing internal communications and updates during or immediately after incidents
• Communicating with employees, shareholders, customers, and the press about incidents as needed
• Remediating incidents working with right stakeholders.
• Recommending technology, policy, governance, and training changes after security incidents
• Investigate and solves security breaches and other cyber security incidents and provide incident response.
• Incident analysis for correlation rules design and implementation
• Business use-cases design and deployment
• Check of applied recommendation for L3 incidents
• Validates weekly, monthly, quarterly, half and yearly reports
• Definition and follow up of incident reconstruction plans
• Malware analysis, reverse engineering
• Deals with incidents from L2 and investigation and qualification of L2 incidents
• Access to tiers tools for investigation
• Development, fine-tuning, and implementation of threat detection analytics
• Provides investigation on complex incidents
• Provides forensics investigation and analysis ( memory, filesystem, network, mobile iOS/Android forensics,
• Analyze and provides threat intelligence information
• Provides advisories on incident modelling and reconstruction
• Define new correlation rules in the SIEM depens on the requirements
• Provides security crisis management
• Very good communication skills with fluent English
• Deep log analysis skills on SIEM - Logrhythm, Logrhythm experience and knowhow will be plus.
• Very good knowledge of Windows and/or Linux/Unix,
• Very good understanding of security incidents, networking and common protocols,
• Scripting in Python, Bash, Perl, PowerShell.
• Review standard security arrangements — that is, provide external/semi-external reviews
• Manage audits and training for new threats
• Stay current on IT security trends and news.
• Analyze for attacks, intrusions and unusual, unauthorized or illegal activity
• Investigate new vulnerabilities and share the latest industry-level responses
• Investigate security breaches and other cyber security incidents and provide incident response.
• Liaise with different internal and external stakeholders when an incident occurs
• Manage remotely‑stored critical information (passwords, network configs, etc.) in an emergency
• Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
• liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Stay current on IT security trends and news.
• Research security enhancements and make recommendations to management.
• Min 3 years of SOC Level 2 and Min 2 years of SOC Level 3 experience.
Mandatory Skills : Experience is SIEM tool Analysis and Administration , Incident management, Forensic Investigation, Communications skills.
Mandatory certifications – Any SIEM Analyst and Administration, Any Forensic certification, ITIL.
تفاصيل الوظيفة
منطقة الوظيفة الدوحة, قطر
قطاع الشركة خدمات الدعم الإداري
طبيعة عمل الشركة شركة توظيف
الدور الوظيفي تكنولوجيا المعلومات
نوع التوظيف عقود
الراتب الشهري $4,000 - $5,000
عدد الوظائف الشاغرة 1
المرشح المفضل
المستوى المهني متوسط الخبرة
عدد سنوات الخبرة الحد الأدنى: 10
منطقة الإقامة قطر
الشهادة بكالوريوس/ دبلوم عالي
العمر الحد الأقصى: 51
*** تقدم على الرابط التالي : Apply on the following link ***
https://www.bayt.com/ar/qatar/jobs/soc-forensic-investigator-4108582/
نسخة للطباعة 
ابلغ عن اعلان مخالف