Job description / Role
At DarkMatter, we are building an organisation of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients' work, we'll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.
Responsible for the validation and analysis of investigations escalated from the Tier 1 Security Operations Center (SOC) Analysts. Responsible for completing the documentation of the investigation, determining the validity and priority of the activity, and escalating to a Security Response Team as needed. Tier 2 Analysts are required 24x7 per on-call schedule. Analyzes medium to high complexity technical and system problems.
As a Senior SOC Security Analyst (II), you will:
- Contribute to the preparation of the business plan of the organization
- Identify areas for improvement in business processes providing possible cyber security solutions compliant with the ICT strategy
- Build requirements, specifications, business processes, and the business case related to the proposed solutions
- Analyze required information and documents
- Make recommendations to ICA senior management
- Ensure that change management processes are implemented
- Ensure the reliability, confidentiality, security and integrity of information systems
- Elaborate and translate the security monitoring policy into monitoring rules
- Provide awareness of information security / technology innovation and potential value to a business
- Make recommendations for the development and implementation of a business project or a technological solution
- Participate in the definition of general project specifications
- Participate in the assessment and choice of cyber security solutions
- Ensure security and appropriate use of cyber security solutions
- Ensure security and appropriate use of cyber security resources
- Perform risk assessments (evaluate risks, threats, and impact)
- Draft security plans
- Draft security operating procedures
- Develop or review security configurations, security baselines
- Contribute to implementation of the ICA's Information Security policies
- Implement applicable technical or operational controls
- Review security plans and security operating procedures
- Secure handling, analysis, and exchange of cybersecurity information with relevant Stakeholders and trusted partners
- Provide security training and education
- Provide technical validation of security tools
- Contribute to the definition of security standards
- Monitor security developments to ensure data and physical security
- Provide expert support and initial inputs to the incident/major incident management process
To bring your dream to life, you'll need:
- 7+ years of hands-on experience in the Information Security domain.
- 3+ years of experience in SOC/NOC environments.
- Hands-on experience with SIEM technologies and other log management solutions (ArcSight, Splunk, ELK, SolarWinds, etc.)
- Good understanding of Unix/Linux and Windows operating systems.
- Experienced in Vulnerability and patch management.
- Device administration and implementation experience in IPS solutions.
- Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection tools, DDoS protection tools, Endpoint Protection, Data Integrity tools)
- Experience with security scanning tools.
- Understanding of IOCs and intel feed management and/or usage.
- Experience in Use Case development.
- A solid understanding of the Kill Chain Process.
- An understanding of the full ticket lifecycle
- An understanding of the hunting concept.
- ArcSight, Splunk, McAfee, Symantec, Tripwire, Cisco,
- SANS GIAC (GSEC, GCIH, GCIA, GCFA)
Working in Abu Dhabi
At DarkMatter, we're turning our biggest ideas into reality in the fastest moving and most dynamic city on the planet. Working here, you'll lead technical innovation in the region while taking advantage of all Abu Dhabi has to offer. From first class healthcare and education, to superior living accommodations and cultural attractions, you'll find your ideal career and more in this global crossroads. The UAE is one of the safest and most secure areas in the world. And with its location between Europe, Africa and Asia, you'll expand your worldview in just a short flight. But you won't have to venture far from the city to experience its diversity. You'll find people of over 50 nationalities working in the DarkMatter Group. Join us and see that while far away from the concrete tech jungle, Abu Dhabi is an oasis where your latest innovations will thrive and grow.
About the Company
DarkMatter is transforming the cyber security landscape. Headquartered in the UAE and operating globally, we're the region's first and only fully integrated digital defence and cyber security consultancy and implementation firm. Our elite team of global experts deliver advanced, next-generation solutions to governments and enterprises across the cyber security spectrum.
We help clients simplify the enormous complexity of today's ever-evolving cyber threats. Our vision is to protect the future by securing its technologies. Innovation and Research are cornerstones to our development and the activities in these areas underpin our entire range of offerings, including Secure Communications, Public Key Infrastructure and Big Data & Analytics products.