SOC L2
ValueMentor
- Abu Dhabi
- Permanent
- Full-time
- As a Senior Security Analyst (Tier 2) you will be responsible for monitoring in-house and client security alerts/incidents while working in shifts.
- Primary responsibilities include participating in various incident investigations, creating new detection methodologies and providing expert support to alerting, incident response and monitoring functions.
- Day to day operations involves dealing with SIEM Monitoring, reporting and security incident handling
- Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, rsyslog, etc.);
- Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
- Cloud Security, SANS Trainings and GIAC Certifications preferred.
- Offensive Security Certifications like OSCP, OSCE etc.
- Vendor certifications like SPLUNK, ELK Stack, Big Data frameworks preferred
- Capability to develop use cases or additional detection capabilities based on the SIEM query language, understanding of incident response.
- Skill to analyze large data sets and unstructured data, manually or using tools to identify trends and anomalies indicative of malicious activity.
- Linux incident handling skill would be preferred
- Knowledge of current security threats, techniques and landscape, and dedicated desire to research current information security landscape.
- Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization containers technologies, databases, web servers.
- Splunk certifications and experience preferred.