Security Operations Center Analyst
Our client, a leading player in the Oil and Gas Industry, is currently looking for a Security Operations Center (SOC) Analyst – Incident Detection & Response.
You will be responsible for daily cybersecurity incident detection, investigation, and response. Using the tools provided, you will triage reported security threats and take them all the way from identification to eradication.
The role requires working six (6) days on and three (3) days off, including weekends and bank holidays, rotating between morning shifts (07:00 – 15:30) and afternoon shifts (13:30 – 22:00).
Who we are:
We are a team of eight, and our job is to protect the client from threats so that it can continue to provide uninterrupted services to its Saudi parent company.
Our team is responsible for security monitoring, threat detection, incident response, threat intelligence, threat hunting, vulnerability management, and the management and maintenance of security solutions.
What we are looking for:
- Has 4+ years of experience in security incident detection, investigation, and response.
- Has a bachelor's degree or equivalent in Technology, Computer Science, or a related field.
- Has working experience with enterprise Security Information and Event Management (SIEM) tools and log management tools. Preferably, the candidate has basic knowledge and experience in use case management.
- Has working experience with Endpoint Detection and Response (EDR) tools.
- Has fundamental knowledge and experience in host and network forensics.
- Has basic knowledge of security technologies such as firewalls, secure web and email gateways, Intrusion Detection and Prevention Systems (IDPS), application control, sandboxing, etc.
- Is knowledgeable on Microsoft Windows and Linux internals.
- Preferably has working experience and/or knowledge of the following:
  - YARA rules
  - MITRE ATT&CK Framework and Cyber Kill Chain
  - Security Orchestration, Automation and Response (SOAR) solutions
  - Threat hunting
  - Scripting skills (Python, PowerShell)
- Has a high degree of curiosity, especially with regard to incident investigation and response. The candidate does not jump to conclusions, but digs deep and analyses extensively in order to find hidden connections.
- Thinks and acts creatively and is not restricted to standard solutions.
- Is a good team player who enjoys working with others and exchanging knowledge and information. In addition, the candidate must be willing and able to work extended hours alone during afternoon shifts and weekends.
- Has a critical mindset, speaks up, and challenges processes, ideas, etc., with the intention of improving the work and the team.
- Constantly works on improving his/her knowledge of cyber security and other business fields.
- Is proficient in the English language.
Interested? Please send your CV with salary breakdown to Cheryl Pinontoan, Recruitment Account Manager - firstname.lastname@example.org