Senior SOC Security Analyst L2 - Digital14


Senior SOC Security Analyst (L2)

Abu Dhabi, United Arab Emirates

At Digital14, trust is at the heart of everything we do, because it is essential to every part of our connected
digital world. Whether it's enjoying the freedom of a protected internet, secure transactions or safe
communications, we protect, transform and nurture today so that all people can flourish with the freedom to
achieve their potential tomorrow. We are Digital14.

As a Senior SOC Security Analyst (L2) you will perform further investigation and analysis of events of interest
(EOI) identified through the initial triage done by Tier 1 Analysts. You will perform deep dive analysis on event
data for anomalies, patterns or advanced threats.

The responsibilities of a Tier 2 Analyst include:

• Validate the incidents escalated by Tier 1 SOC Security Analysts.
• Perform second-level incident handling, and security monitoring and validation of physical security,
IoT, and SCADA environments.
• Analyze, and communicate to stakeholders, the threats associated with every incident.
• Coordinate with relevant stakeholders to validate network alerts.
• Conduct analysis of log files, evidence, and other information in order to determine the best methods for
identifying attackers.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network
resources.
• Monitor external data sources (e.g., threat intelligence sources, Dubai AE-CERT teams, etc.) to maintain
currency of the threat condition and determine which security issues may have an impact on the
organization's services and information.
• Conduct research, analysis, and correlation across a wide variety of data sets (e.g., indications and
warnings).
• Provide recommendations for SIEM content development, tuning, reports and dashboards.
• Provide recommendations for device configuration to facilitate optimal performance.

What you’ll need to succeed in this role:

• 6+ years of hands-on experience in the information security domain.
• 3+ years of experience in IT/OT SOC environments.
• Direct exposure to two or more of the following technologies: Splunk, McAfee, Symantec,
Tripwire, and Cisco.
• Must be currently working in a security operations environment, preferably in a power plant
environment.
• Experience working with ICS best practices and frameworks such as ISA-99/IEC 62443, NERC CIP,
NIST SP 800-82, etc.
