الوصف الوظيفي
-Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources
-Correlate and analyze events using the ArcSight / Splunk SIEM tool to detect IT security incidents
-Create, Follow and Present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents
-Respond to inbound requests via phone and other electronic means for technical assistance with managed services
-Respond in a timely manner (within documented SLA) to support, threat and other cases
-Document actions in cases to effectively communicate information internally and to customers
-Resolve problems independently and understand escalation procedure
-Maintain a high degree of awareness of current threat landscape
-Lead delivery, and support others in the delivery, of knowledge sharing with Analysts and writing technical articles for Internal Knowledge Bases, Blog Posts and Reports as requested
-Perform other essential duties as assigned
-Candidate in this position must be able to work in rotating shifts within a 24/7 operating environment
-Analysis of log files, includes forensic analysis of system resource access.
-Create, Follow and Present customer reports to ensure quality, accuracy and value to the Client
-Creation of new Content (Use Cases, Queries, Reports) within the SIEM Platform (Splunk)
-Education and Training of other Analysts in use and operation of SIEM Platform (Splunk)
On-site Work with Clients as required
المهارات
-4-5 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, intrusion detection, or firewall administration.
-2-3 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows
-1-2 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts
-A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
-An active interest in Internet Security, incident detection, network and systems security
-A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
-Demonstrable experience of analysing and interpreting system, security and application logs
-Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce
-Experience in using Splunk as an Analyst for Threat and Incident Detection is required
-Experience with ArcSight, Envison, LogRhythm, QRadar, NitroSecurity is preferable but not mandatory
-TCP/IP knowledge, networking and security product experience
-Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc and possible abnormal activities, such as worms, Trojans, viruses, etc.
-CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable
تفاصيل الوظيفة
منطقة الوظيفة دبي, الإمارات العربية المتحدة
قطاع الشركة الإتصالات
طبيعة عمل الشركة شركة توظيف
الدور الوظيفي الحماية
نوع التوظيف
الراتب الشهري غير محدد
عدد الوظائف الشاغرة غير محدد
المرشح المفضل
المستوى المهني متوسط الخبرة
*** تقدم على الرابط التالي : Apply on the following link ***
https://www.bayt.com/ar/uae/jobs/mss-sr-security-analyst-lvl-3-3989631/