MSS Sr. Security Analyst (Level 3)
My clients are looking for a talented and enthusiastic individual to join their Security Operations Center (SOC) team for our Managed Security Services (MSS) unit. If you have a strong knowledge and interest in network security, this position might be the right one for you.
The Level 3 Senior Security Analyst will be responsible for monitoring multiple security technologies, guiding and leading other Analysts and optimising the Security Information Event Management (SIEM) system in order to detect and identify IT security related incidents.
- 4-5 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, intrusion detection, or firewall administration.
- 2-3 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows
- 1-2 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts
- Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources
- Correlate and analyze events using the ArcSight / Splunk SIEM tool to detect IT security incidents
- Create, Follow and Present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services
- Respond in a timely manner (within documented SLA) to support, threat and other cases
- Document actions in cases to effectively communicate information internally and to customers
- Resolve problems independently and understand escalation procedure
- Maintain a high degree of awareness of current threat landscape
- Lead delivery, and support others in the delivery, of knowledge sharing with Analysts and writing technical articles for Internal Knowledge Bases, Blog Posts and Reports as requested
- Perform other essential duties as assigned
- Candidate in this position must be able to work in rotating shifts within a 24/7 operating environment
- Analysis of log files, includes forensic analysis of system resource access.
- Create, Follow and Present customer reports to ensure quality, accuracy and value to the Client
- Creation of new Content (Use Cases, Queries, Reports) within the SIEM Platform (Splunk)
- Education and Training of other Analysts in use and operation of SIEM Platform (Splunk)
- On-site Work with Clients as required
- A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree
- An active interest in Internet Security, incident detection, network and systems security
- A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
- Demonstrable experience of analysing and interpreting system, security and application logs
- Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce
- Experience in using Splunk as an Analyst for Threat and Incident Detection is required
- Experience with ArcSight, Envison, LogRhythm, QRadar, NitroSecurity is preferable but not mandatory
- TCP/IP knowledge, networking and security product experience
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc and possible abnormal activities, such as worms, Trojans, viruses, etc.
- CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable
- An experienced Analyst who aspires to be a Leader, and is committed to learning the principles of Leadership and the role of a Leader
- Outstanding Organizational Skills
- Exclusive focus and vast experience in IT
- Very good communication skills
- Strong analytical and problem-solving skills
- A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
- Strong written and verbal skills
- Strong interpersonal skills with the ability to collaborate well with others
- Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred