Analyst - SOC Monitoring (OT Cybersecurity) - Abu Dhabi

Job Description

• monitor, detect, analyze, and respond to security incidents and threats in an organizations information systems and network infrastructure. You aim to protect sensitive data, uphold network security, and maintain organizational compliance with industry regulations and standards. By utilizing cutting-edge security tools, techniques, and procedures, the SOC analyst plays a critical role in preventing, mitigating, and resolving cyber threats, ensuring the overall security of the organizations digital environment.

• Examine network topologies to understand data flow through the network.
• Use SOC tools to monitor and analyze system activity to identify malicious activity continually.
• Identify network mapping and operating system fingerprinting activities.
• Continuously monitor the SIEM events/alerts to identify any anomalies.
• Perform event correlation using information from various sources within the organization to gain situational awareness and determine the effectiveness of observed attacks.
• Detect Incidents by monitoring the SIEM console, Rules, Reports, and Dashboards.
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, distinguishing these incidents and events from benign ones.
• Report the confirmed incident as per the Incident management process.
• Notify the Senior SOC Analyst on suspected/anomaly events for further analysis.
• Document and escalate incidents (including the events history, status, and potential impact for further action) that may cause an ongoing and immediate impact on the environment.

• High-level understanding of TCP/IP protocol and OSI Seven Layer Model.
• Knowledge of security best practices and concepts.
• Knowledge of Windows and/or Unix-based systems/architectures and related security.
• Intermediate level of knowledge of LAN/WAN technologies.
• Must have a solid understanding of information technology and information security.
• Good understanding of defense-in-depth analysis techniques.
• Knowledge of log monitoring, analysis, and correlations.
• Knowledge of Incident detection, reporting, and responding.
• Understanding of security threats and vulnerabilities.
• Ability to use SIEM console to create/analyze Rules, Reports, and Dashboards.
• Sound knowledge of the functioning of IPS
• Intermediate knowledge of using common security products like SIEM, IPS, Antivirus, File Integrity Monitoring, and DLP
• CompTIA Security+
• EC-Council Certified Ethical Hacker (CEH)