A. Accountabilities:

• Investigate triaged events and incidents using SIEM technologies, Endpoint Detection and Response platforms, and various cybersecurity tools.

• Analyze, escalate, and assist in remediation of critical information security incidents.

• Support Incident Response Plan through Tier one support of activities surrounding following the PICERL model; Preparation, Identification, Containment, Eradication, Recovery & Lessons Learned.

• Assist in enforcing and auditing information security policies and procedures such as access, breach escalation, use of firewalls and encryption routines.

• Assist in updating, maintaining, and documenting security controls. Provides direction and support to clients and internal IT groups for information security-related issues.

• Perform administration duties of varied server technologies, enterprise systems and peripheral devices, network and security devices, and all desktop computer systems and peripherals within the last five years on market.

• Assist in performing high-level analysis of complex and disparate computing systems, networks, and data architectures to identify, rectify, and prevent technical and information security vulnerabilities.

• Perform work on critical automated processes, computer systems, networks, databases, information systems, telecommunication systems, and computer policies, procedures, and practices.

• Demonstrate high-level technical skills in the areas of information security, networking and computer systems, and excellent capacity for grasping relevant details and complex systems analysis.

• Perform other related duties as assigned by the supervisor.

Skills

B. Qualification:

• Experience in Network Event Analysis, Threat Analysis, and/or Intelligence Analysis
• Experience with the following Operating Systems is recommended: Microsoft Windows (Server, workstation) Linux distributions (Ubuntu, Kali Linux, Debian, RedHat), iOS (current versions), Android OS (current versions), macOS (current versions).
• General technical skills, includes TCP/IP knowledge, SIEM, networking and security product experience, and ticket-management systems.
• Knowledge of intermediate troubleshooting, client relations, and cybersecurity principles.
• Ability to implement a plan to address and mitigate security vulnerabilities.
• Ability to recognize, analyze, and solve a variety of problems.
• Ability to communicate technical concepts to a non-technical audience.

C. Experience:

• 5/- years working experience in managing SOC and using SIEM.

D. Education and Certifications:

• Bachelor of Computer Science, Information Technology or any related domain.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), GIAC (SANS), ISC (2), CEH, ECLPT, ECSA, OSCP, GCIA or CHFI preferred.

E. General Skills:

• Strong analytical and problem-solving skills, and works well in a team environment, and willingness to acquire in-depth knowledge of network- and host security technologies and products continuously improve these skills.

F. General Remarks:

• The role is for Diyar United Company- Client / Oil and Gas Sector.
• The Budget for the role is KWD 1000/- unnegotiable.
• Kuwait based/ Transferable visa.