We are pleased to announce the following vacancy for Analyst- Managed Security Operations Centre in the Managed Security Services Department within the EBU Division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below.
The Managed Security Operations Centre (MSOC) team is responsible for monitoring, assessing, and defending our MSOC clients Enterprise Information Systems. The team continuously develops and investigates correlated security event feeds, escalating any identified security incidents. They are the primary contact for any suspected security incidents, working together with the different customers remediation teams, resolving incidents, and foiling Cyber Security threats against our MSOC Customers Brand.
Reporting to the Senior Manager – Managed Security Services (MSS), the successful candidate will lend support in Cyber threat detection, working in 24/7 shifts, providing eyes-on-the-glass service, performing real-time monitoring and identification of security incidents. He/she will help identify suspicious activity, open incident investigation tickets and escalate any key concerns to the Level 2/3 for additional analysis & communication for the MSOC customers to action.
- Work in 24*7 shifts performing real time monitoring of security alerts generated by various security tools deployed by Managed Security Operatins Centre.
- Proactively research and monitor security information to identify potential threats that may impact the organisation.
- Open and update incidents in SIEM case management tool to report the alarms triggered or threats detected. Analyst should properly include for each incident on SIEM case management all details related to the logs, alarms and other indicators identified in accordance with the intervention protocol of each client and the SLA.
- Develop and distribute information and alerts on required corrective actions to the respective clients.
- Escalate validated and confirmed incidents to the client’s designated incident response team.
- Notify Client of incident and required mitigation works.
- Track and update incidents and requests based on client’s updates and analysis results.
- Fine-tune SIEM rules to reduce false positive and remove false negatives.
- Collect global threat intelligence and internal threats then inject actions based on analysis and recommendation.
- Work closely with Vulnerability Management and client designated incident response team.
- Understand the structure and the meaning of logs from different log sources such as FW, IDS, Windows DC, Cisco appliances, AV and antimalware software, email security etc.
- Perform threat intel research.
- Ability to run and understand Sandbox Static Analysis.
- Ensures that every phase of a particular project proceeds as scheduled
- Presents new ideas to MSS executives in order to increase and enrich the MSS portfolio.
- Support the commercial sales team in pitching the MSS solutions to the customer.
- Provide support when required as the technical point of contact for existing product partners
- Research market trends to find unmet needs
- Learn new attack patterns, actively participate in security forums.