Overview:
As a Senior Security Engineer in the G42C SOC team, you will analyze and research known indicators, correlate events, identify malicious activity, and discover new sources that provide early warning of a variety of cyber threats. You will monitor open-source and commercial feeds and threat actor activity to identify activity levels and indicators of cyber threats and cyber-attacks. You will also lead and develop detection techniques aligned with the MITRE ATT&CK framework, map existing detections to AE-CERT and similar requirements, define and drive the G42C threat intelligence initiative in both its strategic and tactical aspects, and work towards fusing intelligence from multiple sources.
Responsibilities:
Your key responsibilities
- Research, analyze and understand the log sources used for security monitoring, particularly those from security and networking devices.
- Manage the analysis efforts for one or more threat actors, and serve as a subject matter expert on how those actors might affect G42C and our customers.
- Scripting and automation are essential: write code to automate analyst workflows and to improve our threat intelligence systems.
- Write reports on attacker activity, trends, and tactics, techniques and procedures (TTPs). Brief internal customers and work with partner teams to mitigate attacker techniques.
- Apply the Cyber Kill Chain model to intrusion analysis.
- Work closely with threat intelligence and SOC analysts to implement detections based on the knowledge shared about current and changing threat landscapes.
- Comply with applicable laws, regulations, international standards and related G42 Policies and Procedures.
- Comply with G42 Acceptable Use Policy, attend mandatory information security, privacy, business continuity and HSE trainings.
- Report information security, HSE and other incidents, or suspected incidents, through G42's established incident reporting channels.
- Maintain confidentiality of information, and classify and handle information as per G42 Policies and Procedures.
Qualifications:
To qualify for the role you must have
- 8+ years of IT security experience, including at least 2 years in threat intelligence teams.
- Scripting and development skills (Bash, Perl, Python or Java) with strong knowledge of regular expressions.
- Relevant security certifications, e.g. SIEM platform, SOAR or vulnerability management certifications.
- SANS training and GIAC certifications.
- Offensive security certifications such as OSCP or OSCE.
- Threat intelligence platform vendor certification preferred.
- Cloud experience preferred.