Overview

IR Lead Export Jobs in Abu Dhabi – UAE at Raqmiyat LLC Abu Dhabi

Title: IR Lead Export

Company: Raqmiyat LLC Abu Dhabi

Location: Abu Dhabi – UAE

Type: Full Time

Category: IT/Tech, Security

Position: IR Lead Export Role

Job Role: IR Lead Export

Role Key Responsibilities

Analyze security events to verify incidents and their potential impact and risk to the clients

Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents

Respond to IT Security incidents within the defined SLA

Perform detailed analysis of incidents in order to gather more information on the incidents

Identify mechanism to contain and eradicate the incident

Once the incident has been contained and eradicated, ensure that proper recovery actions are performed

Investigate raised IT security incidents and initiate resolution by engaging the responsible teams, and escalating attention as needed to address threats and close risks

Utilize ticketing tool for efficient tracking of the incidents and investigation requests

Coordinate investigations of suspected attacks and breaches of security, and perform forensic investigation and analysis as required, following industry best practices

Perform a root cause analysis of the incident to ensure that the same vulnerabilities are not exploited in the future

Share the lessons learned with the SOC team

Support documenting new playbooks and updating existing ones

Qualifications & Certifications

BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems required and 5+ years of experience in one or more of the following areas: proactive and reactive hunt techniques, zero-day exploit activities, malware identification

3+ years of experience leading high-functioning teams

Expert knowledge of network monitoring and network exploitation techniques

Experience with common attack vectors, including advanced adversaries (nation state/financial motivation)

Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs and forceful browsing

Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB

Strong written communication skills

Required certifications include Security+, CEH, GCIA, GCIH, CISSP or similar

Experience working with cyber security tools and software such as Splunk, Symantec End Point, Trend Micro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets

Summary of Experience

8-10 years experience in SOC operations and IR management

Leading IR team operations and in-house cyber security for multiple organizational entities using ARCSIGHT SIEM, SECURONIX SIEM, SPLUNK SIEM, LOGRHYTHM SIEM

Hands-on monitoring of centralized SIEM tools to tackle down malware infections and outbreaks for multiple entities

Experienced in EDR Solutions like McAfee Active Response, Carbon Black, Crowdstrike Falcon Host, Nexthink

Experienced in Network Learning/Machine Learning Solution Darktrace

Advising organizational entities on a particular incident remediation and threat landscape

Malware analysis for the compromised machine images and preparing root cause analysis report

Spam mail investigation and remediation

Operating and managing Vulnerability Management solutions such as Nessus, Qualys, Tenable, Outpost

 

About Raqmiyat LLC Abu Dhabi