A. Accountabilities:
• Investigate triaged events and incidents using SIEM technologies, Endpoint Detection and Response platforms, and various cybersecurity tools.
• Analyze, escalate, and assist in remediation of critical information security incidents.
• Support the Incident Response Plan through Tier 1 support of activities following the PICERL model: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned.
• Assist in enforcing and auditing information security policies and procedures such as access, breach escalation, use of firewalls and encryption routines.
• Assist in updating, maintaining, and documenting security controls. Provide direction and support to clients and internal IT groups for information security-related issues.
• Perform administration duties for varied server technologies, enterprise systems and peripheral devices, network and security devices, and all desktop computer systems and peripherals released on the market within the last five years.
• Assist in performing high-level analysis of complex and disparate computing systems, networks, and data architectures to identify, rectify, and prevent technical and information security vulnerabilities.
• Perform work on critical automated processes, computer systems, networks, databases, information systems, telecommunication systems, and computer policies, procedures, and practices.
• Demonstrate high-level technical skills in the areas of information security, networking and computer systems, and excellent capacity for grasping relevant details and complex systems analysis.
• Perform other related duties as assigned by the supervisor.
Skills
B. Qualification:
- Experience in Network Event Analysis, Threat Analysis, and/or Intelligence Analysis
- Experience with the following operating systems is recommended: Microsoft Windows (Server, workstation), Linux distributions (Ubuntu, Kali Linux, Debian, RedHat), iOS (current versions), Android OS (current versions), macOS (current versions).
- General technical skills, including TCP/IP knowledge, SIEM, networking and security product experience, and ticket-management systems.
- Knowledge of intermediate troubleshooting, client relations, and cybersecurity principles.
- Ability to implement a plan to address and mitigate security vulnerabilities.
- Ability to recognize, analyze, and solve a variety of problems.
- Ability to communicate technical concepts to a non-technical audience.
C. Experience:
- 5/- years of work experience managing a SOC and using SIEM.
D. Education and Certifications:
- Bachelor of Computer Science, Information Technology or any related domain.
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC (SANS), (ISC)², CEH, ECLPT, ECSA, OSCP, GCIA or CHFI preferred.
E. General Skills:
- Strong analytical and problem-solving skills; works well in a team environment; willingness to acquire in-depth knowledge of network and host security technologies and products, and to continuously improve these skills.
F. General Remarks:
- The role is for a Diyar United Company client in the Oil and Gas sector.
- The budget for the role is KWD 1000/-, non-negotiable.
- Kuwait-based / transferable visa.