Security Analyst

Overview: As a Security Analyst (Tier 1), you will be responsible for monitoring in-house and client security alerts/incidents while working shifts. Primary responsibilities include monitoring SIEM platform triaging alerts, work to cover 24/7 service with (8+1) hour work shifts, participating in threat-actor based investigations, suggesting new detection methodologies and providing expert support to alerting, incident response and monitoring functions. Your day-to-day operations will involve dealing with SIEM Monitoring, various reporting and security incident handling. Responsibilities: Your key responsibilities

• Coordinating and conducting event collection, log management, event management, compliance automation and identity monitoring activities using SIEM technologies.
• Investigate incidents using SIEM and Bigdata technologies, packet captures, reports, data visualization and pattern analysis.
• Ensure all incidents are handled within SLA and before end of shift.
• Detect, identify, provide first-level incident handling of possible attacks/intrusions, anomalous activities, misuse activities and distinguish these incidents and events from non-malicious activities.
• Effectively monitor health of the various log sources and report engineering teams in case of missing sources.
• Monitor SIEM and SOC tools to identify potential performance problems, data loss, misconfigurations in SOC infrastructure also in the cloud.
• Monitor external data sources (e.g., Threat Feeds) to maintain up to date threat conditions and determine the scope of impact of any incident on the Organization.
• Perform vulnerability scans, reviewing the vulnerability scan results and support creating remediation actions.
• Comply with G42 Acceptable Use Policy, attend mandatory information security, privacy, business continuity and HSE trainings.
• Report information security, HSE etc. incidents or suspect incidents through G42 established incident reporting channels.
• Maintain confidentiality of information and classify and handle information ad per G42 Policies and Procedures

Qualifications: To qualify for the role you must have

• 2+ years of related experience in information technology and/or information security preferred.
• Experienced with data analysis, centralized logging (Splunk. QRadar, ELK, Kafka, syslog, etc.);
• Scripting and development skills (BASH, Perl, Python or Java) with strong knowledge of regular expressions.
  Capability to develop use cases or additional detection capabilities based on the SIEM query language, understanding of incident response.
• Skill to analyze large data sets and unstructured data, manually or using tools to identify trends and anomalies indicative of malicious activity.
• Linux incident handling skill would be ideal
• Knowledge of current security threats, techniques and landscape, and dedicated desire to research current information security landscape.
• Experience in analyzing networking protocols, firewalls, host and network IPS, Linux, virtualization containers technologies, databases, web servers.

What we look for

If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.

What working at Core42 offers

Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.

Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.

Work-Life: A hybrid work policy to strike the perfect balance between office and home.

Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.