Job Description
Reporting to the Head of Information Security Cyber Defense Operations, the threat defense operations lead is responsible for creating detection logic and maintaining the data source that holds indicators, correlations, and existing detection logic. The employee works closely with information security teams, the Information Technology Department (ITD), and other business departments to identify data sources, develop customized SIEM use cases, and advise on SIEM configuration.
- Work closely with ITD to review alerts generated by detection infrastructure, specifically false positive alerts.
- Analyze threat information gathered from internal and external sources such as generated logs, Intrusion Detection Systems (IDS), intelligence reports from Cyber Threat Intelligence, and relevant vendor sites.
- Integrate custom/unsupported devices with the Sentinel SIEM and create use cases for them.
- Create SIEM content/use cases covering all stages of MITRE ATT&CK.
- In collaboration with other members of information security, identify and hunt for threat actor groups and their related tools, techniques, and procedures (TTPs) and Indicators of Compromise (IOCs).
- Create detection logic tailored to the Group threat landscape using industry-specific intelligence and developed use cases in the form of threat rules and signatures.
- Work closely with ITD to add data sources and advise on SIEM configuration.
- Operationalize identified Indicators of Compromise by testing and overseeing the deployment of SIEM monitoring and alerting rules.
- Support the Cyber Threat Intelligence and IS Risk Management teams by providing adequate threat landscape context to be reflected in group threat and risk management activities.
- Work with Threat Analysts to identify and recommend new internal and external data sources to leverage for developing additional threat detection logic.
- Create customized reports and dashboards for presentation to various stakeholders.
- Analyze logs from various devices and develop SIEM use cases for anomaly detection that account for the evolving threat landscape.