Job Details
Type: Full Time
Post Date: 30+ days ago
Industry: Other
Job Description
Job Summary
Facilitate the incident management process to ensure successful integration with the other areas in Mobily security.
Perform investigation and escalation for complex or high severity security threats or incidents.
Coordinate evidence/data gathering and documentation and review security incident reports.
Manage security incidents from identification through remediation; receive, document, and report cyber security events.
Categorize incidents and implement corresponding escalation procedures; communicate and coordinate incident response efforts.
Perform intrusion scope and root cause analyses, assist intrusion remediation and strategy implementation.
Conduct daily operational update meetings for SOC staff and unscheduled situational update briefings for management.
Analyze reports to understand threat campaign(s) techniques, lateral movements and extract indicators of compromise (IOCs).
Recommend effective process changes to enhance defense and response procedures.
Coordinate with IT and Network Operations to resolve high or critical severity level incidents.
Analyze compromised/potentially compromised systems and participate in incident response.
Monitor and audit malicious activity observed by or reported to the SOC.
Perform other duties as required by higher levels of supervision.
Skills
Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT) or Computer Incident Response Team (CIRT).
Must have experience working with various event logging systems and must be proficient in security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms that perform log collection, analysis, correlation, and alerting is also required, preferably at least one year's hands-on experience with ArcSight.
Must have experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
Strong technical understanding of network fundamentals and common Internet protocols.
System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
Experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating email borne threats such as spam and phishing.
Advanced knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc.).
Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.).
Advanced knowledge of malware operation and indicators (Wireshark, GigaStor, NetWitness, etc.).
Education
Information Systems, Computer Science, or related engineering discipline.
Etihad Etisalat (Mobily) is a Saudi company launched commercially in May 2005. Mobily provides integrated services for three main sectors: individuals, businesses, and carriers. It has one of the largest wireless networks by coverage in Saudi Arabia as well as the region, and one of the widest FTTH networks, in addition to one of the largest data center systems worldwide.