Associate - SOC Analysis (L1) SOAR
Roles and Responsibilities:
• Act as a Technical Subject Matter Expert and be the primary point of contact for Security Automation, Orchestration, Playbooks, Python Automation, API-based automation, Incident Response lifecycle automation, and Security Automation.
• Develop, implement, and execute standard procedures for SOAR platform administration.
• Design, deployment and maintenance of SOAR platforms (including content management, change management, version/patch management, and lifecycle management).
• Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
• Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools.
• Implement SOC automation and ensure continued compatibility with existing detection and response tools.
• Integrate new sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
• Develop custom scripts to automate current detection and response workflows.
• Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
• Operate and help mature SOC playbooks, workflow automations and use cases.
• Assist with client setup, transition and onboarding, and serve as primary point of contact for Managed Security Service clients.
Required Skills:
• Experience with Security Orchestration, Automation and Response (SOAR) technologies.
• Understanding of security architecture, tool integration, API development and automation.
• Understanding of Incident Response processes (Detection, Investigation, and response).
• Understanding of common SOC processes and workflows.
• Experience with the Python scripting language for automation and working knowledge of REST APIs, JSON, HTML/CSS, JavaScript, and XML.
• Experience developing Dashboards and Reports focused on cyber security operations.
• Experience with operating system internals for both Linux and Windows platforms.
• Understanding of security devices such as firewalls, IDS/IPS, EDR and NDR, Vulnerability Management solutions and SIEM.
• Strong problem-solving capabilities and the ability to work with minimal oversight.
• Exceptional written and verbal communication skills.
Educational Qualifications:
• Relevant Degree
• Additionally, one or more relevant industry certifications such as GCIH or vendor certification.
Desirable:
• Familiarity and experience working within the region.
• Experience working as part of an MSSP or MDR provider.

ww.malmatia.com Public Copyright @ 2022 malomatia (Q.P.S.C) All Rights Reserved.
Vision: To enable government & business to excel.
Mission: To deliver innovative Information Technology solutions enabling government and business to serve their customers effectively. This is achieved through the deployment of best talent and practices, to realize Qatar’s national vision of a vibrant knowledge-based society.
Objectives:
• Market leadership as a commercial enterprise that supports national efforts of developing a strong and sustainable IT sector in Qatar.
• Delivering high-value IT services and solutions that are relevant to segments of national and social strategic importance.
• Building and sustaining local and regional IT delivery and domain expertise in Government, Healthcare and Education.
• Increasing the contribution of IT to Qatar’s GDP growth.