helpag~21d ago

SOC Lead (Arabic Speaker)

United Arab Emirates·Abu Dhabi - Clientlead

OtherSoc

2 views0 saves0 applied

Apply Now

Quick Summary

Overview

Key Responsibilities

An onsite SOC Lead will be provided to analyze the SOC service performance, industry threats, advisories, and general industry developments on a continuance basis.

Technical Tools

azuresplunkcybersecuritynetworkingsecurity-best-practices

Help AG is looking for talented and enthusiastic individuals to join as SOC Lead within our Managed Security Services (MSS) Unit. Resident Resources are deployed at customer sites across the UAE as part of MSS projects and work alongside customer governance and operations teams and other Help AG MSS teams. If you have 6-8 years’ experience in cyber security, strong technical skills as individual contributors, and a deep interest in security analysis/threat hunting/incident response/CyOps, you may find your next opportunity at Help AG

Responsibilities

~1 min read

→
An onsite SOC Lead will be provided to analyze the SOC service performance, industry threats, advisories, and general industry developments on a continuance basis. This on-site resource shall provide advice for automating & enhancing the ongoing SOC operations as well as general cybersecurity improvements
→
Support offsite SOC in contextualizing the alerts
→
Support L2 SOC Analysts
→
Support Cyber Threat Intelligence Analysts

Requirements

~1 min read

Minimum 8 years work experience in a cyber security discipline. Native Arabic speaker is a must.
A degree in Computer Science, Information Systems, or a closely related discipline.
Hands-on experience in various security technologies –
SIEM (Splunk).
EDR (McAfee, MS Defender, PA XDR).
Cloud app security (Azure, Sentinel, AIP).
Cyber Threat Intelligence.
Firewalls, and endpoint security products (Palo Alto, Fortigate, Forcepoint).
PAM (CyberArk).
Experience in developing playbooks / use cases.
Experience in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
An active and demonstrable interest in cybersecurity, cyber threat detection, cyber threat intelligence, incident detection and response.
Demonstrable experience in analyzing and interpreting threat intelligence indicators, TTPs, and threat actors.
Sound knowledge of TCP/IP, networking, IT security best practices, common attack types such as scans, man in the middle, sniffing, DoS, DDoS, etc., possible abnormal activities, such as worms, Trojans, viruses, etc. and detection/prevention methods.
Knowledge of the type of events that firewalls, IDS/IPS, and other security-related devices produce.
Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
One or more of the below certifications (not limited to):
CISSP/CISM/CISA/CCSP.
GCIA/GCIH/GSOC.
CEH/OSCP/OSCE.
Strong analytical and problem-solving skills, Outstanding organization skills.
Strong verbal and written communication skills.
Ability to speak and write in English and Arabic is required.