Specialist - Threat Defense
Adecco Middle East is hiring a "Specialist - Threat Defense" for one of our prestigious clients based in Abu Dhabi, UAE.
Job Title: Specialist - Threat Defense
Location: Abu Dhabi, UAE
Duration: 12 Months and Extendable
Experience level: 5+ years.
Job Description:
Responsibilities:
• Threat hunting across customers' environments, searching for attackers or remnants of their activity.
• Develop detection logic tailored to enterprise threat landscape using industry-specific intelligence and developed use cases.
• Design, develop, and implement effective security use cases and rules within the Security Information and Event Management (SIEM) system.
• Develop and drive Security Orchestration, Automation and Response (SOAR) efforts for the CFC.
• Operationalize Indicators of Compromise from intelligence feeds by developing, testing, and deploying monitoring and alerting rules into the SIEM.
• Work closely with Security Engineering in onboarding new data sources and with Cyber Threat Intelligence (CTI) personnel for development of relevant use cases across various client networks.
• Coordinate with technical architects to identify and recommend new internal and external data sources to develop additional threat detection logic.
• Conduct research in areas including security principles, host- and network-based security technologies, machine learning algorithms, and mitigation methods.
Essential Job Functions
• Perform threat hunting campaigns utilizing information on adversary tools, tactics & procedures (TTPs) and knowledge of how they manifest in security data sources & system telemetry.
• Develop advanced alerting capabilities based on threat intelligence, post-incident findings, new threats, and vulnerabilities.
• Develop Microsoft Sentinel content including detection rules, functions, playbooks, Logic Apps and query-time parsers.
• Specialize in Microsoft Azure Sentinel to enhance cloud security for our clients.
• Integrate the SOAR platform with other security tools and APIs through platform built-in apps and custom apps to execute automated workflows.
• Build, test, deploy and automate content in SIEM, NDR, EDR, etc. via security orchestration and automation playbooks/workbooks.
• Research and deploy modern technologies or enhancements to support business objectives related to security detection, threat hunting, forensics, and response.
Qualifications:
Good to have:
• Experience working with various Cloud platforms, such as AWS, GCP or Azure.
• Experience working with Artificial intelligence and Machine learning technologies used for security detection.
• Experience working in, or related to, Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
Required qualifications:
• BA/BS/BE or MS degree in IT, Computer Science or equivalent.
• 3+ years of experience in one or more of the following areas: detection engineering, proactive and reactive threat hunt techniques, security automation, incident response, digital forensics.
• 1+ years of experience with SOAR platforms such as FortiSOAR, Phantom, Cortex XSOAR, Swimlane, etc.
• Experience with SOC SOPs, playbooks, work instructions and/or other process documents.
• Relevant professional certifications in information technology or cloud security, e.g. CISSP, CCSP, SANS FOR508 (GCFA), SEC504 (GCIH), Azure.
• In-depth understanding of industry-standard threat frameworks (Lockheed Martin Cyber Kill Chain, Diamond Model, MITRE ATT&CK).