#4144 Senior Engineer - SOC Analysis - L2 (OT)
PPL Dynamics
Doha, Doha, Qatar
منذ 6 ساعات

Description :

  • Responsible for monitoring cyber security solutions in support of detection and analysis of potentially compromised systems, performing root cause analysis, and supporting remediation efforts.
  • Has a good technical knowledge of IT and OT cyber security and an interest in becoming an expert in OT security.
  • Possess hands-on experience with SIEM solutions, and creating detectors; experience performing, and managing, threat hunting and Incident Response activities, and maintain an awareness of latest threats within industry.
  • Responsible for researching the potential impact of threats to the customer organizations and communicating the risks.
  • Closely cooperate with operational staff on a customer site(s).
  • Required Skills :

  • Total Experience : 5 (or more) years in cyber security operations and a minimum of 2-years in an Operational Technology environment
  • Experience with operational technologies such as Programmable Logic Controllers (PLCs),
  • Supervisory Control and Data Acquisition (SCADA) software, and Distributed Control Systems (DCS)
  • Understanding of IT and OT network communication protocols (including TCP / IP, UDP, DNP3, Modbus, OPC) and ability to perform packet analysis
  • Experience with building IT / OT Security capabilities inside SOC
  • Experience working in security operations environments, and experience with key SOC technologies such as SIEM and log aggregation (E.
  • g., ArcSight, Splunk ES, IBM QRadar etc.)

  • Understanding of threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques
  • In depth understanding of operating systems, network / system architecture, and IT architecture design
  • Experience with OT Cyber Security Solution (E.g., Dragos, Claroty, Nozomi, Indegy, etc.)
  • Excellent written and oral communication skills
  • Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
  • Experience with security technologies such as firewall logs, IDS / IPS, endpoint security solutions, proxies, and other related security technologies
  • Security Operations Center OT Security Analyst Role Profile
  • Educational Qualifications :

  • Relevant Degree
  • Additionally, one or more relevant industry certification.
  • Desirable :

  • Familiarity and experience working within the region
  • Experience working as part of a MSSP or MDR provider
  • Experience working with continuous operations (24 / 7)
  • Familiarity and experience with multiple SIEM and EDR solutions
  • One or more of the following certifications GICSP, GRID, GCIP
  • Roles and Responsibilities :

  • Act as Subject Matter Expert (SME) on OT cyber security related issues providing advice and support to Clients and the business as necessary
  • Provide On-Call support to identify and manage cyber security incidents
  • Assists in the development and knowledge transfer to team members
  • Serves as the escalation point for security issues related to OT Cyber Security.
  • Recommend necessary corrective and preventive actions to reduce risk
  • Participate in OT security incident response through all phases
  • Conduct hunt for Indicators of Compromise (IOC) and APT (Advanced persistent Threat) Tactics, Techniques, and Procedures (TTP)
  • Analyze threat intelligence and communicate findings to relevant groups
  • Provide clear and repeatable hunt tactics and techniques to Monitoring and Detection teams
  • Revise, enhance and develop processes and procedures to strengthen the current Security Operations Framework
  • Supports operational excellence through identifying opportunities for continuous improvement and automation
  • Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
  • Responsible for integration of standard and non-standard logs into SIEM solution(s)
  • Conduct Post-Incident Reviews and create ad-hoc reports, dashboards, metrics to measure SOC operations effectiveness and presentation to Senior Management and Client stakeholders as necessary
  • Co-ordinate with stakeholders to build and maintain positive working relationships
  • بلغ عن هذه الوظيفة
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    تقديم
    بريدي الالكتروني
    بالضغط على "استمر" ، أعطي موافقة neuvoo على معالجة بياناتي وإرسال تنبيهات إلي بالبريد الإلكتروني ، على النحو المفصل في سياسة خصوصية لـneuvoo . يجوز لي سحب موافقتي أو إلغاء الاشتراك في أي وقت.
    استمر
    استمارة الطلب