Security Specialist – SOC Analyst

Overview

The Security Specialist is responsible for the administration of the organization’s information and data security policies and practices. The primary goal of this role is to ensure that authorized users can access information with ease while protecting its confidentiality, integrity, and availability in accordance with security best practices. The Security Specialist will manage, monitor, and respond to security incidents, ensuring the organization's information systems remain secure. This individual will play an integral part in maintaining compliance with internal security standards and external regulatory frameworks.

Responsibilities

Service Management and Service Operation

Draft and maintain security policies, standards, procedures, and documentation.

Monitor compliance with security operations procedures and assess systems for potential or actual breaches.

Investigate security breaches and ensure thorough investigation and remediation actions.

Implement system changes required to maintain security.

Ensure the accuracy and completeness of security records.

Strategy & Architecture and Information Strategy

Assess vulnerabilities and perform security risk assessments on business applications and computer systems.

Provide expert advice on security strategies to mitigate identified risks.

Investigate major security breaches and recommend appropriate control improvements.

Contribute to the development of security standards and guidelines.

Conduct risk assessments, business impact analysis, and accreditation for all major information systems.

Apply appropriate forensics to investigate vulnerabilities and breaches.

Plan, Prioritize, and Solve Problems

Develop team / unit goals, strategies, and plans aligned with organizational objectives.

Anticipate the impact of changes (e.g., government policy, economic conditions) and adjust strategies accordingly.

Ensure activities align with the organization’s change initiatives.

Evaluate achievements and adapt future strategies.

Technology

Apply a solid understanding of relevant technology and select the best tools for assigned tasks.

Leverage a broad range of communications technologies to deliver effective security messages.

Ensure compliance with information and communication security policies.

Identify opportunities to use existing technologies to achieve team outcomes.

Support compliance with the organization's records and knowledge management requirements.

Key Accountabilities

Monitor security alerts using Security Information and Event Management (SIEM) tools.

Investigate and analyze security incidents, determining root causes and impacts.

Respond to security incidents, implementing containment, eradication, and recovery measures.

Conduct proactive threat hunting activities to identify potential vulnerabilities.

Maintain and configure security tools such as firewalls, intrusion detection / prevention systems, and endpoint protection solutions.

Collaborate with IT teams to ensure adherence to security best practices.

Develop, maintain, and update incident response playbooks and procedures.

Perform regular security assessments and vulnerability scans.

Stay updated with the latest trends and technologies in cybersecurity.

Coordinate incident response efforts in the event of a breach, ensuring compliance with national security agencies when necessary.

Conduct internal investigations, identify root causes of incidents, and recommend corrective actions.

Develop custom security signatures / rules for detection and prevention systems.

Create custom scripts for analysis and automation in security tasks.

Develop, tune, and implement threat detection analytics and security sensors.

Additional Responsibilities

Participate in internal cyber drills and disaster recovery exercises.

Conduct vulnerability assessments and penetration tests to identify and address security risks.

Collaborate with the National Cyber Security Agency during major incidents.

Qualifications and Requirements Essential Qualifications :

Education : Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Certifications :

Certified SOC Analyst (CSA), Certified Ethical Hacker (CEH), Microsoft Security Operations Analyst-SE 200 professional certification is mandatory.

Relevant certifications (e.g., CompTIA Security+, CISSP, GIAC Security Essentials (GSEC), GCIH) are preferred.

Experience :

Minimum 5-6 years of experience in cybersecurity, ideally in a SOC (Security Operations Center) environment.

Hands-on experience with SIEM tools such as Azure Sentinel is a must.

Experience in incident response, threat hunting, and vulnerability management.

Familiarity with Microsoft Defender, Microsoft Cloud Defender, Microsoft Purview, Microsoft Insider Risk Management, and vulnerability scanning tools (e.g., Tenable, Burp Suite).

Experience with regulatory and compliance frameworks like GDPR, HIPAA, ISO 27001, Qatar 2022 CSF is a plus.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Industries

Outsourcing and Offshoring Consulting

#J-18808-Ljbffr