About the job
• Lead and coordinate the response to cybersecurity incidents, including breaches, malware infections, and unauthorized access.
• Conduct thorough investigations to determine the scope, impact, and root cause of security incidents.
• Develop and implement incident response plans and playbooks, ensuring efficient and effective response efforts.
• Collaborate with cross-functional teams to contain, eradicate, and recover from security incidents.
• Document incident details, findings, and response actions for post-incident analysis and reporting.
• Stay informed about emerging threats, vulnerabilities, and incident response best practices.
• Provide guidance and support to IT and security teams during incident response efforts.
• Participate in tabletop exercises and simulation drills to enhance incident response readiness.
• Work with legal and compliance teams to ensure incident response activities align with regulatory requirements.
• Contribute to the continuous improvement of incident response processes and procedures.
• Monitor security alerts and incidents, responding promptly to mitigate potential threats.
• Conduct in-depth analysis of security events, correlating data from various sources to determine the scope and severity of incidents.
• Investigate and triage security incidents, providing detailed reports on findings and recommended remediation actions.
• Collaborate with Level 1 SOC analysts to escalate and coordinate incident response efforts.
• Utilize security information and event management (SIEM) tools to identify and analyze patterns of suspicious activity.
• Develop and maintain SOC documentation, including incident response procedures and playbooks.
• Participate in the continuous improvement of SOC processes and procedures.
• Stay informed about the latest cybersecurity threats, vulnerabilities, and technologies.
• Assist in the development and execution of threat hunting activities to proactively identify potential security issues.
• Collaborate with cross-functional teams to ensure effective communication and coordination during incident response.
Experience and Qualification requirements
• B.S. degree in Information Technology, cybersecurity, information systems, computer science, computer engineering, or a relevant field
• 1+ year prior experience in similar position or 3 years at Layer 1 analytics
• Experience with analysis and inspection of log information, packets, and other security tool information output from a variety of sources
• Familiar with local and international Cybersecurity Framework and Standards such as ISO27001 & NIST Framework
• Solid communication skills and the ability to work as part of the JHAH team.
• High level of competence in spoken and written Arabic and English language (Samples might be requested)
• Experience with log management or security information management tools
• Ability to make information security risk determinations
• Desired certifications include SEC401, SEC503, SEC464, SEC501, SEC504
• Supervise Level 2 SOC analysts, providing guidance and mentorship in incident response and analysis.
• Conduct advanced threat hunting and proactive security analysis to identify sophisticated and persistent threats.
• Respond to and lead the investigation of complex security incidents, coordinating with internal and external stakeholders.
• Develop and implement incident response playbooks, ensuring the efficiency and effectiveness of response efforts.
• Collaborate with threat intelligence teams to integrate threat feeds and enhance detection capabilities.
• Provide expertise in developing and fine-tuning correlation rules and alerts within SIEM tools.
• Contribute to the development and execution of red teaming and simulation exercises.
• Stay abreast of emerging cybersecurity threats, vulnerabilities, and industry best practices.
• Participate in the evaluation and deployment of advanced security technologies.
• Engage with cross-functional teams to enhance overall cybersecurity posture and resilience.
Note: This job opportunity was sourced from Social Media and is being shared here to benefit job seekers. All credit goes to the original poster/recruiter. If you are the owner of this content and wish to have it removed from Gulfnest.com, please contact us — we will promptly take action.