Security Operations Center (SOC) Analyst

1. Perform day-to-day security SOC operations duties.
2. Continuously monitor security events and alerts generated by various security monitoring tools, such as SIEM (Security Information and Event Management) systems, IDS/IPS (Intrusion Detection/Prevention Systems), and endpoint protection platforms.
3. Identify and analyze security incidents based on the available information. Classify and prioritize incidents according to their severity and potential impact. Initiate and coordinate the incident response process, following predefined procedures and workflows.
4. Work with different IT teams to troubleshoot and resolve security-related issues and assist in configuring the logs to be forwarded from their respective systems to the centralized logging system.
5. Analyze vulnerability scan results and work with system owners and IT teams to remediate identified vulnerabilities within specified timeframes.
6. Provide recommendation for Security Use-case creation and optimization for any new/existing systems.
7. Conduct Network and Endpoint log analyses including threat hunting activities and present findings.
8. Studying vulnerabilities, identifying relevant threats, corrective actions recommendations and reporting results.
9. Document all incidents, investigations, and analysis activities accurately and thoroughly. Prepare incident reports, including detailed information on the incident timeline, impact, and recommended remediation actions.

OTHER 

1. Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies.
2. Perform other related duties as assigned.

Knowledge and Experience

• Bachelor’s Degree in Computer Science or equivalent.
• Should have 4-6 years of experience in IT Security with at least 4 years’ experience in conducting analysis of log data and security operations center.
• Technical and hands-on experience across Cyber Security and technology domains.
• Background in security technologies, network protocols and operations and understanding of TCP/IP protocol and OSI Seven Layer Model.
• Computer programming and scripting languages.
• Strong understanding of the Cyber Kill Chain, pervasive threats attack methods and remediation.
• Industry recognized professional certifications such as GSEC, Security+, CEH, CySA.
• Good understanding in E-commerce, logistics, supply chain & port operations applications will be added advantage.

Soft Skills

• Sound analytical and intellectual capabilities.
• Excellent time management and organizational skills.
• Decision-making abilities.
• Team player and conflict management skills.
• Ability to multi-task, prioritize, coordinate, and work well under pressure to meet deadlines.
• Strong interpersonal and communication skills ability to work in a team environment.
• Cultural awareness.
• Must possess Excellent Reporting Skills.

Technical Skills 

• Knowledge of Security Orchestration and Automation (SOAR) solutions.
• Experience with two or more analysis tools used in a CIRT or similar investigative environment. 
• Ability to analyse and triage IoCs. 

#LI-AA6