Consultant - SOC Analysis (L2)
Job Description
malomatia is a cybersecurity services provider with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. malomatia is seeking a SOC L2 Analyst Engineer who have experience in SOC Operations, Log Analysis, Incident Response and Triage.
malomatia is seeking a motivated, career and customer oriented SOC Analyst to join our team in Qatar to provide unparalleled support to our customer and to begin an exciting and rewarding career within malomatia.
The SOC Analyst will work on multiple Solutions include SIEM, SOAR, Log management, EDR and vulnerability management solutions and possibly other Security components to investigate and response to security related incidents and alerts.
Roles and Responsibilities
· Triage and Investigate the assigned Incidents.
· Create incident reports Include all the investigation steps, lessons learned and recommended actions.
· Modify the use cases for false positive incidents.
· Create and modify use cases, dashboards and reports.
· Threat hunting.
· Integrating with threat intelligence feeds.
· Evaluating security products.
· Vulnerability assessment and penetration testing.
· Creating and modifying Runbooks for L1 and NOC then follow up on their execution.
· Develop and write reports that analyze the Threat and IoC’s with impact and recommended actions.
· Provide communication and escalation throughout the incident per the SOC guidelines.
· Communicates directly with the data asset owners and business response plan owners during high severity incidents.
· Performs analysis of log files from different log sources.
· Responsible for support issues from beginning to end and follow the documented escalation procedures.
· Manages and assures threat feeds are received, aggregated, reviewed, and acted upon accordingly.
Experience and Qualifications :
· 4+ years of hands on experience in Information Security domain.
· 3+ years of experience in SOC NOC environments.
· Expert knowledge in in SIEM solutions:
· Creating use cases, dashboards, reports.
· Integrating with threat intelligence feeds.
· Running complex queries.
· Advanced hands on experience on vulnerability assessment and penetration testing.
· Advanced knowledge about network attacks such as DoS and their countermeasures.
· Advanced knowledge about Web Application Attacks and their countermeasures.
· Advanced knowledge about hacking tools and their capabilities such as NMAP, Metasploit, etc...
· Advanced Scripting knowledge for configuring automation.
· Advanced knowledge about attack kill chain and incident response procedures.
· Advanced Knowledge about Windows and Linux/Unix OSes.
· Moderate Knowledge about forensic Investigation
· Strong analytical skills which is used in threat hunting and in incident investigation.
Good to have;
· +6 Years in Security / +4 years in SOC Operation.
· GIAC Certified Incident Handler (GCIH)
· SANS FOR508 Advanced Digital Forensics, Incident Response, and threat hunting (GCFA).
· SANS FOR610 Reverse – Engineering Malware : Malware Analysis Tools and Techniques (GREM).
· OSCP.
· University degree in Computer Science/ Information Technology from a recognized university.
Vision: To enable government & business to excel. Mission: To deliver innovative Information Technology solutions enabling government and business to serve their customers effectively. This is achieved through the deployment of best talent and practices, to realize Qatar’s national vision of a vibrant knowledge based society. Objectives Market leadership as a commercial enterprise that supports national efforts of developing a strong and sustainable IT sector in Qatar. Delivering high-value IT services and solutions that are relevant to segments of national and social strategic importance. Building and sustaining local and regional IT delivery and domain expertise in Government, Healthcare and Education. Increasing the contribution of IT to Qatar’s GDP growth.
اطلب مساعدة الخبراء لكتابة سيرة ذاتية مميزة.
