IR Lead \ Export Role

Raqmiyat

Abu Dhabi, UAE

Ref: GP557-25

Job description / Role

Employment: Full Time

Ultimate Opening for IR Lead \ Export Role

Key Responsibilities

• Analyze security events to verify incidents and their potential impact and risk to the clients.
• Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents
• Respond to IT security incidents within the defined SLA. Perform detailed analysis of incidents to gather more information on them. Identify mechanisms to contain and eradicate the incident.
• Once the incident has been contained and eradicated, ensure that proper recovery actions are performed. Investigate raised IT security incidents and initiate resolution by engaging the responsible teams, and escalating attention as needed to address threats and close risks.
• Utilize the ticketing tool for efficient tracking of incidents and investigation requests.
• Coordinate investigations of suspected attacks and breaches of security, and perform forensic investigation and analysis as required, following industry best practices.
• Perform a root cause analysis of the incident to ensure that the same vulnerabilities are not exploited in the future.
• Share the lessons learned with the SOC team. Support documenting new playbooks and updating existing ones.

Requirements

Summary

IR Lead \ Export Role: Looking after the day-to-day activities of security monitoring and incident handling to ensure that all raised incidents are handled swiftly and to customer satisfaction, and enriching the security events with business context, business impact and threat operations, monitoring and event intelligence.

• Job Location : Abu Dhabi
• Position : IR Lead \ Export Role
• Minimum Experience : 8 +

Qualifications & Certifications

• BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems required and 5+ years of experience in one or more of the following areas: proactive and reactive hunt techniques, zero-day exploit activities, malware identification
• 3+ years of experience leading high-functioning teams
• Expert knowledge of network monitoring and network exploitation techniques
• Experience with common attack vectors, including advanced adversaries (nation state/financial motivation)
• Knowledge of common web application attacks, including SQL injection, cross-site scripting, invalid inputs and forceful browsing
• Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Strong written communication skills
• Required certifications include Security+, CEH, GCIA, GCIH, CISSP or similar
• Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets

Summary of Experience

• 8-10 years of experience in SOC operations and IR management.
• Leading IR team operations and in-house cyber security for multiple organizational entities using ArcSight SIEM, Securonix SIEM, Splunk SIEM, LogRhythm SIEM.
• Hands-on monitoring of centralized SIEM tools to tackle malware infections and outbreaks for multiple entities.
• Experienced in EDR solutions like McAfee Active Response, Carbon Black, CrowdStrike Falcon Host, Nexthink.
• Experienced in the Network Learning/Machine Learning solution Darktrace.
• Advising organizational entities on a particular incident remediation and threat landscape.
• Malware analysis for the compromised machine images and preparing root cause analysis reports.
• Spam mail investigation and remediation.
• Operating and managing vulnerability management solutions such as Nessus, Qualys, Tenable, Outpost24.

About the Company

Raqmiyat, a leading Systems Integration and IT Services company founded in 1983 in the United Arab Emirates, provides world class business solutions through its expertise in various domains and partnership with international firms of repute.

Raqmiyat is one of the Al Ghurair Group of Companies and an ISO 9001:2000 & CMMI Level 3 certified organization. We enable our clients to create and execute their digital transformation strategies. Our service is differentiated by the imagination, knowledge and experience across industries and technologies that we bring to every project we undertake.
