Industry : Oil & Gas
City / Country : Doha, Qatar
Location : Doha
Our client, the world's largest oil & gas company, is looking for an Information Security Monitoring (L1 / L2) Analyst willing to work under the following conditions :
The following are the T&C for the role :
Work Location : Doha Qatar
Type of Assignment : Contract
Contract Duration : 1 year
Status : shifts on 24x7 basis. Each shift is 8 hours
Housing allowances : Provided
Transportation allowances : Provided
Mob / Demob Ticket : Provided
Detect and respond to information security incidents leveraging tools and processes provided.
Provide direct communication to affected users in the event of security incidents.
Monitor, research, analyse and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems in search of indicators of compromise.
Perform analysis and technical reviews of vulnerability assessments on all systems, applications and interfaces using detection / prevention tools and threat intelligence data.
Research / Deep Dive into activity logs and security events detected by a SIEM to identify potential exploitation methods and record activities within operational management systems (e.g., ticketing systems).
Provide analytical support to Tier 3 activities and mitigation suggestions in the context of a security incident.
Generate reports per shift based on defined KPIs and shift's activities.
Validate and report efficacy of SIEM rules and provide input on tuning and optimization of security systems.
Remain current with emerging security threats including applicable regulatory security requirements.
QUALIFICATIONS / KNOWLEDGE / SKILLS / EXPERIENCE
Bachelor's degree in information security, computer science, or systems engineering
5+ years' experience working in a large-scale IT environment with focus on Information Security, and knowledge of Operational Technology
2+ years' operating experience in industry leading SIEM products
1-3 years previous Security Operations Centre Experience in conducting security investigations
Good knowledge of IT including multiple operating systems and system administration skills (Windows, Unix)
Good knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products
Strong understanding of security incident management, malware management processes
Experience with web content filtering technology - policy engineering and troubleshooting
Strong understanding of networking principles including TCP / IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
Knowledge of security best practices and concepts, Vulnerability Assessment & Penetration Testing
Demonstrated ability to analyse, triage and remediate security incidents;
Demonstrate knowledge of Cyber Security principles, techniques and technologies such as SANS Critical Security Controls and OWASP;
Demonstrated knowledge of security related technologies and their functions (IDS, IPS, FW, WAF, SIEM and the like);
Certification in at least one industry leading SIEM product
Possession of Industry Certifications (OSCP, OCSE preferred, GCIH, SANS ICS, GCIA, Certified Incident Handler (GCIH), Certified Intrusion Analyst (GIAC), Certified Ethical Hacker (CEH), (CISSP), CHFI, SANS Cyber Threat Hunting, SANS GREM, SIEM / security tool equivalent technical certification).
If this offer is of interest to you, kindly apply.