Minimum of 6 years’ experience in a major bank, large corporate or MSSP in a similar Cyber Threat SOC analyst or L3 role, and at least 4 years of previous experience working in hunt teams, threat intelligence, incident response or security operations.

Skill-Set:
• Excellent oral and written communications skills (English) and the ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility
• Adept in knowledge sharing and able to write technical articles, actively participate in individual or team projects, and mentor/coach less experienced security analysts, providing techniques and strategies for investigations
• Experience combating crimeware or APTs and compiling detailed investigation and analysis reports for internal SOC consumption and delivery to management
• A solid understanding of current cyber threats, vulnerabilities, and attack trends
• A strong understanding of security architectures and devices, threat intelligence consumption and management, and of identifying the root causes of malware infections and proactive mitigation
• Experience in scripting, YARA, Snort, RegEx and PCRE desirable
• Knowledge of tactics, techniques and procedures associated with malicious insider activity, organised crime/fraud groups and both state-sponsored and non-state-sponsored threat actors

Qualifications:
• Bachelor’s degree, preferably in computer science, computer engineering or a related subject, as well as professional certification such as CEH, CISSP, CISM, CISA or CySA+

• Monitor and analyse IDS alerts, network traffic and logs; prioritise and differentiate between potential intrusion attempts and false alarms.
• Work with Cyber Threat Intelligence solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host-based analysis in the event of a compromise.
• Recommend system tuning, customization, improvement and expansion of the Cyber Threat Intelligence feed and toolset.
• Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
• Proactively drive hunting and analysis, undertaking threat-hunting exercises using EDR tools and the SIEM platform to identify threats, determine the root cause(s), scope and severity of each, and report findings.
• Classify suspicious binaries, identify C2 traits and develop network and host-based IOCs
• Maintain up to date knowledge on threat actors, attack campaigns, current vulnerabilities, and countermeasures.
• Advise incident responders in the steps to take to investigate and resolve computer security incidents.
• Create and track investigations to resolution; compose security alert notifications and provide mentoring
• Regularly review standard operating procedures and protocols to ensure the SOC continues to meet operational requirements effectively, and conduct “after action” reviews to identify lessons learned and best practices.
Job Types: Full-time, Permanent
Job Location: Doha, Qatar
Job Role: Information Technology
Monthly Salary: US $8,000
Career Level: Mid Career
Nationality: United Arab Emirates; Bahrain; Djibouti; Algeria; Egypt; Iraq; Jordan; Comoros; Kuwait; Lebanon; Libya; Morocco; Mauritania; Oman; Palestine; Qatar; Saudi Arabia; Sudan; Somalia; Syria; Tunisia; Yemen