Jobs

    LogRhythm Cybersecurity Expert - Al-Jumayliyah, Qatar - K20s - Kinetic Technologies Private Limited

    K20s - Kinetic Technologies Private Limited, Al-Jumayliyah, Qatar

    A week ago

    Description

    Location:
    Qatar (Onsite)

    Mandatory:
    LogRhythm & Cybersecurity

    Certified:
    LogRhythm

    Duration:
    Long term

    Job Description:
    The role requires working within a SOC operational support environment incorporating a tiered security support model across a range of security support functions in Qatar.

    Your primary objective will be to proactively monitor and hunt through customer environments to detect and respond to information security threats.

    You will help to protect an organization by employing a range of technologies and processes to prevent, detect and manage cyber threats.

    This can include protection of computers, data, networks and applications.

    The Security Operations Analyst Level 3 role is tasked with evaluating SIEM (Security Incident Event Manager) related events flagged for review by established strategies.

    This evaluation is performed with various validation tools, understanding and application of computer security topics and malware infections, and identification of new techniques to make quick decisions with a high rate of accuracy.

    The person in this role will contribute to the strategic development of a new pilot program aimed at further enhancing the world-class experience.

    The Security Operations Analyst Level 3 is expected to adhere to numerous Key Performance Indicators to ensure decisions are made balancing factors such as risk tolerance and customer experience.

    Another responsibility of this role is to help train machine learning models by labeling transactions, queries, or other entity pairings.


    Profile Requirements:
    • Proposition of specific recommendations
    • Investigate and solve security breaches and other cyber security incidents and provide incident response
    • Incident analysis for correlation rules design and implementation
    • Business use-cases design and deployment
    • Check of applied recommendation for L3 incidents
    • Validates weekly, monthly, quarterly, half and yearly reports
    • Definition and follow up of incident reconstruction plans
    • Malware analysis, reverse engineering
    • Deals with incidents from L2 and investigation and qualification of L2 incidents
    • Access to tiers tools for investigation
    • Development, fine-tuning, and implementation of threat detection analytics
    • Provides investigation on complex incidents
    • Forensic handling and threat hunting
    • Provides forensics investigation and analysis (memory, filesystem, network, mobile iOS/Android forensics)
    • Analyzes and provides threat intelligence information
    • Provides advisories on incident modelling and reconstruction
    • Define new correlation rules in the SIEM depending on the requirements
    • Provides security crisis management
    • Very good communication skills with fluent English
    • Deep log analysis skills on SIEM: LogRhythm. LogRhythm experience is mandatory.
    • Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy using the vulnerability assessment tool Nessus scanner
    • Daily assessment of vulnerabilities identified by infrastructure scan
    • Evaluate, rate and perform risk assessments on assets
    • Prioritizing vulnerabilities discovered along with remediation timeline(s)
    • Monitor and collect activity data from endpoints that could indicate a threat using VMware Carbon Black
    • Analyze this data to identify threat patterns
    • Automatically respond to identified threats to remove or contain them, and notify security personnel
    • Forensics and analysis tools to research identified threats and search for suspicious activities
    • Very good knowledge of Windows and/or Linux/Unix
    • Very good understanding of security incidents, networking and common protocols
    • Scripting in Python, Bash, Perl, PowerShell
    • Review standard security arrangements, that is, provide external/semi-external reviews
    • Manage audits and training for new threats
    • Stay current on IT security trends and news
    • Analyze for attacks, intrusions and unusual, unauthorized or illegal activity
    • Investigate new vulnerabilities and share the latest industry-level responses
    • Investigate security breaches and other cyber security incidents and provide incident response
    • Liaise with different internal and external stakeholders when an incident occurs
    • Manage remotely stored critical information (passwords, network configs, etc.) in an emergency
    • Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
    • Liaise with stakeholders in relation to cyber security issues and provide future recommendations
    • Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs
    • Document security breaches and assess the damage they cause
    • Work with security team to perform tests and uncover network vulnerabilities
    • Fix detected vulnerabilities to maintain a high-security standard
    • Stay current on IT security trends and news
    • Research security enhancements and make recommendations to management
