#4126 Consultant - SOC Analyst L2
PPL Dynamics
Doha, Doha, Qatar
6 days ago

Roles and Responsibilities

  • Triage and investigate the assigned incidents.
  • Create incident reports that include all investigation steps, lessons learned and recommended actions.
  • Modify the use cases that generate false positive incidents.
  • Create and modify use cases, dashboards and reports.
  • Threat hunting.
  • Integrating with threat intelligence feeds.
  • Evaluating security products.
  • Vulnerability assessment and penetration testing.
  • Create and modify runbooks for L1 and the NOC, then follow up on their execution.
  • Develop and write reports that analyze threats and IoCs, with impact and recommended actions.
  • Provide communication and escalation throughout the incident per the SOC guidelines.
  • Communicate directly with the data asset owners and business response plan owners during high severity incidents.
  • Perform analysis of log files from different log sources.
  • Take responsibility for support issues from beginning to end and follow the documented escalation procedures.
  • Manage and ensure that threat feeds are received, aggregated, reviewed and acted upon accordingly.
Experience and Qualifications

  • 4+ years of hands-on experience in the information security domain.
  • 3+ years of experience in SOC/NOC environments.
  • Expert knowledge of SIEM solutions:
      o Creating use cases, dashboards and reports.
      o Integrating with threat intelligence feeds.
      o Running complex queries.
  • Advanced hands-on experience in vulnerability assessment and penetration testing.
  • Advanced knowledge of network attacks such as DoS and their countermeasures.
  • Advanced knowledge of web application attacks and their countermeasures.
  • Advanced knowledge of hacking tools and their capabilities, such as NMAP, Metasploit, etc.
  • Advanced scripting knowledge for configuring automation.
  • Advanced knowledge of the attack kill chain and incident response procedures.
  • Advanced knowledge of Windows and Linux/Unix operating systems.
  • Moderate knowledge of forensic investigation.
  • Strong analytical skills, applied in threat hunting and incident investigation.
  • Experience in an MSSP is advantageous.
  • Experience in multiple SIEM solutions (Splunk, QRadar, Elasticsearch).
Must have

  • SANS SEC503 training.
  • CEH certified.
  • CHFI certified.

Good to have

  • 6 years in security / 4+ years in SOC operations.
  • GIAC Certified Incident Handler (GCIH).
  • SANS FOR508 Advanced Digital Forensics, Incident Response, and Threat Hunting (GCFA).
  • SANS FOR610 Reverse-Engineering Malware: Malware Analysis Tools and Techniques (GREM).
  • OSCP.
  • University degree in Computer Science / Information Technology from a recognized university.