Senior Security Engineer

Overview

As a Senior Security Engineer in G42C-SOC Team, you will Analyze and research known indicators, correlate events, identify malicious activity, and discover new sources to provide early warning related to a variety of Cyber threats, monitor Open Source and commercial feeds and threat actor activity to identify activity levels and indicators for Cyber threats and Cyber-attacks. You will also lead and develop various detection techniques align with Mitre framework also mapping existing detections with AE-CERT etc; and define and drive G42C threat intelligence initiative towards strategical and tactical aspects and work towards creating a fusion of intel through various sources.

Responsibilities

• Your key responsibilities Research, analyze and understand log sources utilized for the purpose of security monitoring, particularly security and networking devices.
• Manage the analysis efforts of one or more threat actors.
• Serve as a subject matter expert on how those actors might affect G42C and our customers.
• Scripting and automation is must, write code to automate analyst workflows, and to improve our threat intelligence systems.
• Write reports about attacker activity, trends, tactics, techniques and procedures (TTPs).
• Brief internal customers and work together with partner teams to mitigate attacker techniques.
• Experience using Cyber Kill Chain Work closely with threat intelligence and SOC analysts to implement detection for the knowledge and information shared about current and changing threat landscapes.
• Comply with applicable laws, regulations, international standards and related G42 Policies and Procedures.
• Comply with G42 Acceptable Use Policy, attend mandatory information security, privacy, business continuity and HSE trainings.
• Report information security, HSE etc. incidents or suspect incidents through G42 established incident reporting channels.
• Maintain confidentiality of information and classify and handle information ad per G42 Policies and Procedures

Qualifications

• To qualify for the role you must have 8+ years of IT Security Experience, at least 2+ years working in threat intelligence teams.
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
• Certified in any relevant security certifications like SIEM platform certifications, SOAR, Vulnerability Management certifications etc..
• SANS Trainings and GIAC Certifications Offensive Security Certifications like OSCP, OSCE etc.
• Threat Intelligence platform related vendor certification preferred.
• Experience using Cloud preferred.