Mission
· To collaborate in continually improving SOC and CSIRT team processes and solutions.
· To provide visibility on network and systems activities from a security point of view.
· To respond effectively to security incidents in the MTNIrancell network from detection to resolution, and ensure the types of security incidents can be detected and responded to.
· To implement, extend and monitor AI-driven extended detection and response along with static and dynamic malware analysis.
· To ensure continuity of 24x7/365 security services across MTNIrancell while overseeing security event monitoring, management, and response.
· To perform ongoing review and tuning of network behavior analysis to detect network threats and improve detection quality.
· To ensure incident identification, assessment, quantification, reporting, communication and mitigation while confirming SLA compliance, process adherence, and process improvement to achieve operational objectives.
· To perform daily administration and maintenance of security devices under the purview of the SOC, which consists of state-of-the-art technologies.
· To perform threat hunting, threat management and threat modelling, identify threat vectors, and develop use cases for security monitoring.
· To gather evidence, evaluate risk and deliver a response plan to contain and remove security threats as quickly and safely as possible.
· To verify discovered vulnerabilities according to metrics; correlate and collate the information; apply treatment and hardening; and create intelligence reports that communicate the results of the analyses to management and related stakeholders.
· To build and maintain positive working relationships with stakeholders, including cooperating with CRA and FATA Police to meet their requirements.
· To define, develop and review key security performance indicators that ensure service delivery and service improvements.
· To tune and health check the sandbox solution for detection of state-of-the-art and zero-day malware.
· To implement and continually improve Digital Forensics capability, tools and processes.
· To develop and revise processes to strengthen the current Security Operations framework, review policies and highlight the challenges.
· To educate ITS / NWG / ICS on the importance of security monitoring and the need for improvement in log collection.
· To expand, tune and health check the extended detection and response (XDR) solution.
· To liaise with ITS, NWG and IFM teams to define new scenarios to detect unauthorized and malicious activities.
Job Requirements
Education
· Bachelor’s Degree in Technology Systems (Information Technology / Computer Engineering / Information Security) or related discipline
Experience
· Minimum of 5 years’ experience in cyber security areas.
· Experience working in a medium to large organization
· Experienced with log analysis tools, creating parsers, correlation rules and managing reports and dashboards
· Experience in developing, documenting and maintaining security procedures and playbooks
· Desirable: CEH, SANS, CCNP, CISSP or similar