Operational Engineer L 2 – Web Application Security
|The Emirates Group
|No. Of Vacancies:
At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Our Cyber Defence Operations team is looking to urgently hire an Operational Engineer Level 2 – Web Application Security to dive into the intricate world of web application security, ensuring the safety of our online platforms.
Your role is to lead and oversee Cybersecurity analysis, activities monitoring and investigations within a shift. You will handle advanced incidents and service requests and guide Level 1 engineers and provide expertise in complex troubleshooting scenarios. Additionally you will coordinate with escalation engineers on the investigation and resolution of critical cybersecurity incidents as well as ensure accurate triage, timely escalation and resolution within SLAs. This role is on-site and based on shift rotation within a 24×7 Operation.
What you will do:
Address escalated incidents and service requests.
Guide Level 1 engineers in troubleshooting.
Ensure timely resolution and fulfilment of escalated issues.
Maintain clear documentation of complex incidents.
Monitor external threat data sources to maintain the cyber network defence threat conditions and determine which security issues may have an impact on the enterprise.
Perform a detailed analysis of cyber threat adversaries and recommend preventative countermeasures.
Assess and identify Advance Persistent Threat (APT) activities.
Maintain and support the shift log for effective shift handover.
Monitor and review triage activities performed by the L1 analysts and ensure accurate closure.
Assist in creating playbooks and updating the knowledge base repository.
Specific knowledge and skills for the role of Operational Engineers Level 2 – Web Application Security.
The following are critical skills required to be successful in this role:
Configuration and Deployment: Proficiency in setting up and deploying both WAFs and Network Firewalls within the network infrastructure, understanding their roles in protecting web applications and securing the network perimeter.
Policy Management: Creation and management of security policies for both WAFs and Network Firewalls, tailoring rules to protect against various threats (such as SQL injection, XSS, malware, unauthorized access) and ensuring accurate traffic filtering.
Rule Configuration and Monitoring: Configuration and monitoring of firewall rules, both for web application traffic and network traffic, ensuring effective filtering, identifying potential security threats, and performing basic analysis to detect anomalies.
Incident Response and Collaboration: Understanding of incident response protocols related to both WAFs and Network Firewalls, including initial response to alerts, incident identification, reporting, and collaboration with teams to address security events.
Documentation and Reporting: Maintaining documentation for both WAF and Network Firewall configurations, policies, and incident responses, as well as generating basic reports on firewall activities and security incidents for future reference.
Qualifications & Experience
What you will bring:
A degree or Honours (12+3 or equivalent) in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired.
3+ years’ experience in a cross-functional and interdisciplinary team. GIAC Certified Incident Handler (GCIH) or equivalent certification is mandatory.
Knowledge and skills:
-Threat Detection and Response (CSOC): Able to analyse security alerts and differentiate false positives. Advanced proficiency in administration and configuration of SIEM, EDR and other security Platforms.
-Infrastructure Protection: Proficiency in advanced firewall configurations and intrusion detection systems.
-Identity: Understanding of advanced IAM configurations and role-based access controls.
-Advanced understanding of enterprise IT Cybersecurity operational environment.
-Understanding of the latest security principles, techniques, and protocols.
-Clear thinking and ability to deal with escalations effectively.
-Knowledge of database and operating system security.
-Knowledge of web servers, operating systems, and network protocols.
-Excellent verbal and written communication skills.
-Ability to triage and escalate effectively.