1. Supervise the process of data collection to analyse the deployment of Indicators of Compromise (IOCs) to support the refine detection and response efforts.
2. Validate and provide recommendations on changes to security controls to detect and/or protect against emerging security threats.
3. Provide intelligence briefings to SOC team on threats or threat actors and the risk they bring to the environment to mitigate potential risks.
4. Develop and review aggregated Threat Intelligence & Hunting team metrics covering technology and operations.
5. Supervise the timely collection of technical cyber threat intelligence including the advanced warning of impending IT vulnerabilities or threats, and develop thorough correlation, analysis and storage of related information and operational support of the incident response process.
6. Utilize the collected threat intelligence and ensure an actionable outcome.
7. Evaluate the potential impact of vulnerabilities on the organization's systems and applications and provide recommendations for remediation.
8. Supervise the correlation of IoCs to determine the scope and severity of incidents over Threat Intelligence Platform (TIP) solution.
9. Prepare regular threat intelligence and hunting reports to senior management, highlighting actionable insights, recommended countermeasures and overview of the current threat landscape.
10. Assist incident response teams in understanding the nature and source of security incidents and provide guidance on containment and mitigation strategies.
11. Develop hypothesis to identify potential security threats by conducting systematic and targeted searches across the network and systems.
12. Supervise the investigation of indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs) to uncover hidden threats and vulnerabilities
13. Design and ensure the creation of use cases and rules that can detect and identify the threat according to the collected logs
14. Provide the Technology Engineering team with the required logs’ collection from different systems/solutions for better threat detection coverage.
15. Develop and review Incident Response play books and metrics according to the defined process.
16. Ensure the ongoing tuning and Development of Threat Intel and Hunting frameworks and playbooks. In addition, Design threat hunting dashboards for data visualization and security posture visibility.
17. Ensure defining big data analytics use cases for processing and analysing high volume events to enhance analytics capabilities.
18. Participate in the formulation and implementation of the SOC Department strategy to ensure the alignment
19. Participate and recommend improvements to policies, processes and procedures and manage their implementation to ensure all relevant procedural / legislative requirements are fulfilled
20. Supervise the day-to-day operations of the team providing some guidance in the related area, encouraging teamwork and facilitating related professional work processes in order to achieve high performance standards.
21. Supervise the activities and work of subordinates to ensure that all work within a specific area is carried out in an efficient manner and in compliance with the set policies, processes and procedures
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.