Security Analyst Jobs in Abu Dhabi, UAE/Dubai at Core42
Title: Security Analyst
Company: Core42
Location: Abu Dhabi, UAE/Dubai
Type: Full Time
Category: IT/Tech, Security
Overview
As a Security Analyst (Tier 1), you will be responsible for monitoring in-house and client security alerts and incidents while working shifts. Your primary responsibilities include monitoring the SIEM platform and triaging alerts, covering a 24/7 service with (8+1) hour work shifts, participating in threat-actor based investigations, suggesting new detection methodologies, and providing expert support to the alerting, incident response, and monitoring functions. Your day-to-day operations will involve SIEM monitoring, various reporting, and security incident handling.
Responsibilities
Your key responsibilities:
- Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using SIEM technologies.
- Investigating incidents using SIEM and big data technologies, packet captures, reports, data visualization, and pattern analysis.
- Ensuring all incidents are handled within SLA and before the end of shift.
- Detecting, identifying, and providing first-level incident handling of possible attacks/intrusions, anomalous activities, and misuse activities, while distinguishing these incidents and events from non-malicious activities.
- Effectively monitoring the health of various log sources and reporting to engineering teams in case of missing sources.
- Monitoring SIEM and SOC tools to identify potential performance problems, data loss, and misconfigurations in SOC infrastructure, including in the cloud.
- Monitoring external data sources (e.g., threat feeds) to maintain up-to-date threat conditions and determine the scope of impact of any incident on the organization.
- Performing vulnerability scans, reviewing the vulnerability scan results, and supporting the creation of remediation actions.
- Complying with the G42 Acceptable Use Policy and attending mandatory information security, privacy, business continuity, and HSE training.
- Reporting information security, HSE, and suspected incidents through G42's established incident reporting channels.
- Maintaining confidentiality of information and classifying and handling information as per G42 Policies and Procedures.
Qualifications
- 3+ years of related experience in information technology and/or information security preferred.
- Experience with data analysis and centralized logging (Splunk, ELK, Kafka, rsyslog, etc.).
- Scripting and development skills (Bash, Perl, Python or Java) with strong knowledge of regular expressions.
- Capability to develop use cases or additional detection capabilities based on the SIEM query language, with an understanding of incident response.
- Skill to analyze large data sets and unstructured data, manually or using tools, to identify trends and anomalies indicative of malicious activity.
- Linux incident handling skills would be ideal.
- Knowledge of current security threats, techniques, and landscape, with a dedicated desire to research the current information security landscape.
- Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization and container technologies, databases, and web servers is also valuable.

What we look for
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. A bias for action and a…