Operational Engineer L 1- CSOC
|The Emirates Group
|No. Of Vacancies:
At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Our Cyber Defence Operations team is looking to urgently hire an Operational Engineer – Level 1 CSOC.
A role for cybersecurity enthusiasts to kickstart their career in monitoring and analysing security events as well as supporting co-ordination of associated remediation efforts.
Your role is to monitor, analyse and respond to Cybersecurity issues. You will serve as the first line of defence, address incidents, service requests and ensure efficient triage and routing of more complex issues. The role is on-site and based on shift rotation within a 24×7 operations.
What you will do:
-Respond to incoming incidents and service requests. Assist with the detection, prevention, identification and reporting of potential cybersecurity incidents including but not limited to attacks, intrusions, anomalous activities and misuse activities.
-Assist with performing correlation of security events and incidents using information gathered from a variety of sources within the organization.
-Collaborate with Level 2 engineers for escalated issues and further analysis. Document and escalate incidents, including event history, status and potential impact to higher tiers for support and where in-depth investigation may be required.
-Document incidents and service requests. Manage all confirmed incidents in accordance with the incident management process. Assist in the tracking and documentation of cyber incidents from initial detection through to final resolution.
-Support daily shift handover and basic KPI reporting inputs.
Specific knowledge and skills relevant to the role of Operational Engineer – Level 1 CSOC.
The following are critical skills required to be successful in this role:
-A strong foundation in cybersecurity principles, concepts, and best practices is crucial. This includes understanding common attack vectors, malware types, and security protocols.
-Proficiency in using SIEM tools is essential for monitoring and analysing security events. This involves the ability to correlate and interpret log data from various sources to identify potential security incidents.
-Knowledge of incident response procedures is key. This includes the ability to respond to security incidents, mitigate threats, and document the entire incident response process quickly and effectively.
-Understanding network protocols, traffic analysis, and the ability to identify suspicious or malicious network activities are vital skills for a CSOC Level 1 analyst. This involves monitoring network traffic and identifying anomalies.
-Strong communication skills are crucial for collaborating with team members, sharing insights about security incidents, and providing clear and concise reports to stakeholders. This includes both written and verbal communication.
Qualifications & Experience
What you will bring:
A degree in computer science, information systems, engineering, telecommunications, or other related scientific or technical discipline is desired, four (4) additional years of overall experience as below may be substituted for the degree.
Overall 2+ years’ experience working in a large-scale IT environment with a focus on Information Security.
Experience working in a CyberSecurity Operations Centre (CSOC) or Network Operations Centre (NOC) is desired.
Experience working with Commercial Off-the-shelf (COTS) technologies in a CSOC is desired.
Knowledge and skills:
- Threat Detection and Response (CSOC): Basic understanding of threat landscape and security alerts
- Infrastructure Protection: Knowledge of basic firewall and network security configurations.
- Identity: Familiarity with standard IAM tools and user access provisioning
- Knowledge of Windows and Linux operating systems
- Knowledge of network infrastructure including routing and switching
- Knowledge of web servers, databases, and operating system security
- Understanding of the latest security principles, techniques, and protocols
- Ability to multi-task, work independently and as a part of a team, share workloads, and deal with sudden shifts in priorities.
- Ability to triage and escalate effectively.