Job closed
Ref: GP334-686
Job description / Role
Our client in the UAE is looking for NOC Engineers/Analysts Tier III. You will have the chance to implement your own ideas, work with the best minds in the industry and use top-notch technology. Anticipated start date is between 3-6 months, depending on security clearance.
Among others, you would be responsible for the following tasks and activities:
• Provide incident handling and incident documentation for Tier 2 and 3 incidents
• Provide initial investigation of Tier 2 and 3 security incidents
• Provide communication and escalation throughout the incident per the SOC guidelines
• Communicates directly with the data asset owners and business response plan owners during high severity incidents
• Proactively look for suspicious anomalous activity based on data alerts or data outputs from various tool sets
• Performs analysis of log files
• Provide technical escalation point for Tier I (security incidents, security alerts and response to general inquiries that require security risk, privacy or threat input)
• Responsible for support issues from beginning to end and follow the documented escalation procedures
• Manages and assures threat feeds are received, aggregated, reviewed, tickets and acted upon accordingly
• Feeds data back to threat feed sources where appropriate of new threats found during internal investigations
• Takes information from the vulnerability management team about vulnerabilities found and opens incident tickets against the appropriate assets
• Documents remediation required based on input during incident handling or vulnerability identification
• Opens and tracks tickets for remediation of issues found during an incident or vulnerability that is required to facilitate a closed loop process
• Issue documentation and proactively contacts system asset owners when an incident is resolved to ensure that remediation steps are understood and remediation time line is committed in ticket
• Understanding and exceeding all SLA commitments
• Review daily and weekly metrics for security and vulnerability incidents
• Escalating issues to Tier III or Manager when necessary
Requirements
• 7+ years of hands on experience in Information Security domain
• 3+ years of experience in SOC NOC environments.
• Hands on experience with SIEM technologies and other log management solutions (Arcsight, Splunk, ELK, Solarwinds, etc.)
• Good understanding of Unix/Linux and Windows operating systems.
• Experienced in Vulnerability and patch management
• Administration and implementation experience in IPS solutions.
• Strong knowledge of enterprise detection technologies and processes
• Experience with security scanning tools.
• Understanding of IOC’s and Intel feed management and or usage
• Experience in Use Case development.
• A solid understanding of the Kill Chain Process, full ticket lifecycle and of the hunting concept
Desired certifications: (but not obligatory)
• Arcsight, Splunk, McAfee, Symantec, Tripwire, Cisco,
• SANS GIAC (GSEC, GCIH, GCIA, GCFA)
• CEH
About the Company
RP International is the leading specialist recruitment consultancy in the established and emerging telecoms markets.
From our hubs covering the Americas, Europe the CIS, the Middle East, Africa and Asia Pacific we have partnered with operators, vendors, systems integrators and consultancies in more than a hundred countries, giving us an in-depth understanding Of cultural sensitivities, local business practices and hiring requirements.
Our clients and candidates benefit from the long-term perspective and breadth of knowledge that comes from working with an industry partner.
From our beginnings providing telecoms expertise into deregulating markets, we have developed our range of services to supply executive search, contingent, contract and launch and transformation resource solutions across the industry.
Our historic success in cross-border search assignments connects our clients to a global network of industry talent.
We identify the best available candidates on a local, regional and international basis.