Description
We are looking for a Security Operation Center (SOC) Analyst L2 to join our team in Jeddah, Saudi Arabia. As a SOC Analyst L2, you will be responsible for monitoring and analyzing security events and incidents, and providing effective response and remediation. You will play a crucial role in ensuring the confidentiality, integrity, and availability of our organization's information assets.
Responsibilities:
• Provide investigation for escalated security incidents.
• Check for false positive & duplicates.
• Provide communication and escalation throughout the incident per the CSIRT guidelines.
• Communicates directly with data asset owners and business response plan owners during high severity incidents.
• Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets.
• Perform analysis of log files to collect more contextual information in order to triage the security threat.
• Provide forensics analysis and investigation.
• Drives containment strategy during data loss or breach events.
• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).
• Works directly with data asset owners and business response plan owners during high severity incidents.
• Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.
• Collect contextual information and pursue technical root cause analysis and attack method analysis.
• Make content determination to treat the alert as a security incident and assign a severity level.
Requirements
• Bachelor's degree in Computer Science, Information Security, or related field.
• The candidate must have extensive experience in incident handling and reporting (at least 3 years in a similar role).
• Professional certifications related to incident response is preferable.
• Strong analytical and problem solving skills.
• Knowledge of network security zones, Firewall configurations, IDS policies.
• Knowledge of systems communications from Layer 1 to 7.
• Experience with Systems Administration, Middleware, and Application Administration.
• Experience with Network and Network Security tools administration.
• In-depth experience with log search tools and usage of regular expressions.
• In-depth knowledge of packet capture and analysis.
• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).
• Ability to make create a containment strategy and execute it.
تأسست شركة العرض المتقن في عام 2004 وهي رائدة في سوق خدمات تقنية المعلومات وحلول التكنولوجيا بالمملكة العربية السعودية. نحن نقدم مجموعة شاملة من خدمات تقنية المعلومات يتيح لنا نموذج أعمالنا المتكامل الفريد تقديم نهج شامل لتحول العملاء الرقمي. نحن نتعاون مع العملاء على مدار رحلتهم الرقمية ، بدءًا من التطوير الأولي إلى إدارة البنية التحتية الخلفية. من خلال إعطاء الأولوية لخدمة العملاء الاستثنائية وتخصيص الحلول لتلبية احتياجات الأعمال المحددة.