Senior Security Engineer
Muscat, OmanCompany
National Security Services Group
Location
Muscat
Job Type
Full-time
Posted
10 days ago
Via
via Edarabia
Apply On
Job Description
Job Summary
Senior Security Engineer β Deployment and Content Development for Securonix (Next Generation SIEM Solution & UEBA).
Requirements
β’ Ability to effectively communicate and work with individuals from diverse backgrounds or cultures.
β’ Good understanding of Incident Management and Response
β’ Experience in security device management and SIEM
β’ In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
β’ Experience in threat management
β’ Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
β’ Knowledge of applications, databases, middleware to address security threats against the same.
β’ Excellent communication skills
β’ Ability to handle high pressure situations with key stakeholders
β’ Good Analytical skills, Problem solving and Interpersonal skills
β’ Working knowledge and experience with MS office with proficiency in Excel and PowerPoint.
Professional Competencies
β’ Hands-on deployment of Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) solutions
β’ At least 5+ years experience working in deploying and managing SIEM solutions like Securonix, Exabeam, Splunk, LogRhythm, AlienVault, ArcSight, QRadar and Nitro ESM
β’ At least 3+ years experience working in the field of Content development and worked for delivering and/or building content on Securonix, Splunk, AlienVault, ArcSight, QRadar, Nitro ESM
β’ Experience in developing custom parsers
β’ Solid networking fundamentals
β’ Solid experience with Linux/Unix operating environments (configuration and troubleshooting)
β’ Strong analytical skills to understand data and come up with use cases to enhance detection
β’ Strong understanding with information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, and cloud security tools
β’ Strong understanding of APT kill chain frameworks like MITRE, Lockheed Martin etc.
β’ Experience in Cyber Security technologies and concepts such as insider threat, malware, lateral movement, beaconing, ransomware, data theft, fraud
β’ Experience working with regular expressions and understanding of YARA rules
β’ Strong programming background with advanced skills in Java, MySQL, Hadoop is preferred.
β’ Experience in coding using Core Java and related technologies, scripting languages like Bash, Python etc.
β’ Experience in working with Hadoop/Relational databases/SQL queries.
β’ Proven skills in technical writing, verbal communications, consulting, and problem solving in a rapidly changing technical environment
β’ Proven experience being team-oriented and self-motivated, with a keen attention.
Job Duties
The following are the duties the employee can expect, but not limited to:
β’ Document SIEM implementation and deployment
β’ Create SIEM and SOC related operational documentation
β’ Integrate and share information with other analysts and other teams
β’ Provide threat and vulnerability analysis as well as security advisory services
β’ Perform regular health checks on SIEM infrastructure and data collection nodes
β’ Implement various security solutions as and when required
β’ Manage interactions with internal and external clients
β’ Support the SOC team and client in the incident response process
β’ Analyze and respond to previously undisclosed software and hardware vulnerabilities
β’ Perform data quality check on ingested data
β’ Troubleshoot and resolve data quality issues in the Securonix SIEM solution
β’ Manage SIEM backend infrastructure
β’ Develop content for Securonix Snypr platform for SIEM and UEBA modules
β’ Develop cyber threat models that can be utilized in the SIEM solution for threat detection based on inputs from the SOC team
β’ Manage day to day SIEM operational tasks
β’ Troubleshoot and resolve SIEM infrastructure related issues
β’ Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences
β’ Participate in the documentation process to ensure accuracy of documentation critical to the teamβs success
β’ Implement Securonix and other SIEM solutions
β’ Perform on-boarding of new clients
β’ Perform data ingestion from different log sources into the SIEM solution
β’ Troubleshoot and resolve data ingestion issues
β’ Assist with the development of new content and tuning existing content for SIEM, IDS, and other security technologies
β’ Interact with other IT personnel, sometimes of different nationalities.
Senior Security Engineer β Deployment and Content Development for Securonix (Next Generation SIEM Solution & UEBA).
Requirements
β’ Ability to effectively communicate and work with individuals from diverse backgrounds or cultures.
β’ Good understanding of Incident Management and Response
β’ Experience in security device management and SIEM
β’ In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
β’ Experience in threat management
β’ Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
β’ Knowledge of applications, databases, middleware to address security threats against the same.
β’ Excellent communication skills
β’ Ability to handle high pressure situations with key stakeholders
β’ Good Analytical skills, Problem solving and Interpersonal skills
β’ Working knowledge and experience with MS office with proficiency in Excel and PowerPoint.
Professional Competencies
β’ Hands-on deployment of Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) solutions
β’ At least 5+ years experience working in deploying and managing SIEM solutions like Securonix, Exabeam, Splunk, LogRhythm, AlienVault, ArcSight, QRadar and Nitro ESM
β’ At least 3+ years experience working in the field of Content development and worked for delivering and/or building content on Securonix, Splunk, AlienVault, ArcSight, QRadar, Nitro ESM
β’ Experience in developing custom parsers
β’ Solid networking fundamentals
β’ Solid experience with Linux/Unix operating environments (configuration and troubleshooting)
β’ Strong analytical skills to understand data and come up with use cases to enhance detection
β’ Strong understanding with information security technologies such as Firewall, VPN, Intrusion detection tools, Malware tools, Authentication tools, endpoint technologies, and cloud security tools
β’ Strong understanding of APT kill chain frameworks like MITRE, Lockheed Martin etc.
β’ Experience in Cyber Security technologies and concepts such as insider threat, malware, lateral movement, beaconing, ransomware, data theft, fraud
β’ Experience working with regular expressions and understanding of YARA rules
β’ Strong programming background with advanced skills in Java, MySQL, Hadoop is preferred.
β’ Experience in coding using Core Java and related technologies, scripting languages like Bash, Python etc.
β’ Experience in working with Hadoop/Relational databases/SQL queries.
β’ Proven skills in technical writing, verbal communications, consulting, and problem solving in a rapidly changing technical environment
β’ Proven experience being team-oriented and self-motivated, with a keen attention.
Job Duties
The following are the duties the employee can expect, but not limited to:
β’ Document SIEM implementation and deployment
β’ Create SIEM and SOC related operational documentation
β’ Integrate and share information with other analysts and other teams
β’ Provide threat and vulnerability analysis as well as security advisory services
β’ Perform regular health checks on SIEM infrastructure and data collection nodes
β’ Implement various security solutions as and when required
β’ Manage interactions with internal and external clients
β’ Support the SOC team and client in the incident response process
β’ Analyze and respond to previously undisclosed software and hardware vulnerabilities
β’ Perform data quality check on ingested data
β’ Troubleshoot and resolve data quality issues in the Securonix SIEM solution
β’ Manage SIEM backend infrastructure
β’ Develop content for Securonix Snypr platform for SIEM and UEBA modules
β’ Develop cyber threat models that can be utilized in the SIEM solution for threat detection based on inputs from the SOC team
β’ Manage day to day SIEM operational tasks
β’ Troubleshoot and resolve SIEM infrastructure related issues
β’ Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences
β’ Participate in the documentation process to ensure accuracy of documentation critical to the teamβs success
β’ Implement Securonix and other SIEM solutions
β’ Perform on-boarding of new clients
β’ Perform data ingestion from different log sources into the SIEM solution
β’ Troubleshoot and resolve data ingestion issues
β’ Assist with the development of new content and tuning existing content for SIEM, IDS, and other security technologies
β’ Interact with other IT personnel, sometimes of different nationalities.
More Jobs
Security Guard (Night Shift Only)
Confidential Β· 20 days ago
Loss Prevention Officer
JW Marriott Muscat Β· 3 days ago
Senior Officer Safety & Security
Oman Air Β· 11 days ago
Security Guard / Security Officer
DPPS Watchman Security Services LLC Β· 5 days ago
Security Guard positions in Muscat
Go Get Hires Now Β· 3 days ago
Officer Security
Oman Air Β· 11 days ago
Latest Articles
