Senior Security Analyst

• Working in shifts to cover 24/7 service with (8+1) hour work shifts.
• Coordinating and conducting event collection, log management, event management, compliance automation and identity monitoring activities using SIEM technologies.
• Investigate incidents using SIEM and Bigdata technologies, packet captures, reports, data visualization and pattern analysis.
• Ensure all incidents are handled within SLA and closed before end of shift.
• Detect, identify, participate and perform proactive threat hunting, perform incident handling of possible attacks/intrusions, anomalous activities, misuse activities and distinguish these incidents and events from non-malicious activities.
• Define various SOPs and ensure they are updated periodically.
• Monitor SIEM and SOC tools to identify potential performance problems, data loss, misconfigurations as in SOC infrastructure also in the cloud.
• Review various detection controls, improve detection and assist in improving security operations visibility, assist in improving the capabilities of the current defensive security tools.
• Suggest and perform fine-tuning on SIEM platform as and when needed, work closely with engineering team to identify new detections.

What you will need to succeed:

• 5+ years of related experience in information technology and/or information security preferred.
• Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, rsyslog, etc.);
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
• Offensive Security Certifications like OSCP, OSCE etc
• Splunk certifications and experience