Overview

Threat Content Engineer Jobs in Dubai, Dubai, United Arab Emirates at Halian

Title: Threat Content Engineer

Company: Halian

Location: Dubai, Dubai, United Arab Emirates

Our Client

A well-established Cyber Security company based in Dubai is looking for a Threat Content Engineer.

Key Responsibilities:

Implement and maintain detection capabilities within Splunk and other EDR/XDR platforms to effectively identify and respond to security threats.

Assess existing EDR/SIEM content to determine opportunities for refinement or removal, ensuring optimal fidelity in threat detection.

Utilize the MITRE ATT&CK framework to continuously monitor the threat landscape, identifying gaps in detection coverage and developing new content to address emerging threats.

Support the onboarding of new data sources into Splunk by creating and implementing relevant EDR/SIEM content to maximize visibility and threat detection capabilities.

Develop and refine EDR/SIEM detection use cases, collaborating with relevant stakeholders such as engineers to ensure alignment with organizational security objectives.

Maintain a comprehensive content catalog, including mapping to industry-standard frameworks like MITRE ATT&CK, to streamline the deployment of security measures across various environments.

Document and communicate detection capabilities and gaps effectively, leveraging industry frameworks such as MITRE ATT&CK, the Cyber Kill Chain, and NIST to provide clear insights to stakeholders.

Qualifications:

Bachelor’s degree in Computer Science, Information Technology, or related field. (Preferred)

Demonstrated experience with Splunk, including the development and maintenance of detection content within Splunk environments.

Proficiency in utilizing the MITRE ATT&CK framework for threat analysis and content development.

Strong understanding of cybersecurity principles and methodologies, with a focus on threat detection and response.

Excellent communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.

Experience working collaboratively in cross-functional teams, with a focus on achieving common security objectives.

Relevant certifications such as Splunk Certified Developer or Splunk Certified Architect are a plus.

[07/08/23 10:53] Katie Wheeler

FYI: Our Client

A well-established Cyber Security company based in Saudi Arabia is looking for a Senior SOC Analyst.

Your Responsibilities

Responsible for monitoring computer and network security events and performing incident response.

First line of defense in protecting information systems and data assets from internal and external threats.

Perform triage analysis to identify security incidents.

Respond to security incidents by collecting, analyzing, and ensuring that incidents are recorded and tracked in accordance with SOC requirements.

Ability to take the lead on incident response activities and to mentor junior analysts.

Deep packet and log analysis.

Perform general forensics and malware analysis.

Adopt detection and response for Advanced Persistent Threat tactics, techniques, and procedures.

Perform threat hunting activities.

Your Qualifications

Minimum Bachelor of Science Degree in Computer Science, Cybersecurity, IT or equivalent.

5 years' experience in an incident responder/handler role.

Experience in analyzing and reporting cyber threats as well as assisting in deterring, identifying, monitoring, investigating and analyzing computer network intrusions.

Strongly preferred to have attained these related certifications (or eq…

