Job description / Role
The Security Solutions Administrator is responsible for administering and maintaining the organization's security solutions, including but not limited to SIEM, Data Loss Prevention, Identity and Access Management, and Network Detection and Response solutions. The Security Solutions Administrator will create use cases and policies to identify and mitigate security threats, and manage the day-to-day operations of the security solutions.
ROLES & RESPONSIBILITIES
• Manage and administer various security tools such as SIEM, Network Detection and Response, Identity and Access Management, Privileged Access Management, etc.
• Create and customize dashboards, use cases and reports to provide visibility into security events and alerts for the SOC team and other stakeholders
• Develop and maintain metrics and reporting on SIEM performance, including event volume, response time, and resolution rates
• Collaborate with key stakeholders to develop use cases that address specific business needs
• Collaborate with application owners to define and establish logging standards to address various governance requirements
• Manage the provisioning, de-provisioning, and modification of user accounts and access privileges
• Maintain and troubleshoot IAM software solutions, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and identity federation.
• Manage access controls to ensure that only authorized personnel can access the organization's systems and data. This includes implementing multi-factor authentication, managing user accounts, and setting permissions.
• Experience with configuring and managing security technologies, such as security information and event management (SIEM) systems, antivirus, anti-malware, vulnerability scanners, and network analysis tools.
• Knowledge of security assessment methodologies, such as penetration testing, vulnerability scanning, and risk assessments
• Expertise in creating ArcSight flex connectors
• Experience in system administration, including managing operating systems, databases, and applications
• Understanding of TCP/IP networking and protocols, including DNS, DHCP, SMTP, HTTP, and HTTPS
• Familiarity with incident response procedures and tools, such as forensic analysis and malware analysis
• Experience with automation and scripting languages, such as Python, PowerShell, and Bash
• Understanding of cloud security concepts and technologies such as Azure Security
• Ability to analyze security risks and recommend solutions to mitigate them.
• Strong analytical and problem-solving skills
• Excellent communication and interpersonal skills
• Ability to work independently and as part of a team
• Ability to prioritize and manage multiple tasks simultaneously
• Knowledge of security standards and compliance regulations, including UAE IAS and GDPR
EDUCATION AND EXPERIENCE
• Bachelor's degree in computer science, information technology, or related field.
• Minimum of 5 years of experience in administering security solutions such as SIEM, DLP, IDAM, and NDR.
About the Company
WFC Holding was born out of a market need for specialist shared services support functions in the UAE.
WFC Holding has rapidly expanded its service offering, capability, and client base to become an integrated business process outsourcing company.