Job Opportunities in Egypt

Job Overview

• Having good knowledge on SIEM, FIM, IPS, Network devices and TCP/IP model, Ports
  and Incident analysis.
• Good verbal/written communication skills. Review of daily health Check: Log Rhythm, Qradar and their components.
• Data Archiving and backup and data purging as per need and compliance.
• Evidence collection for audits and documentation of all activities performed and recorded.
• Raising Change management tickets for SOC Admin activities and incidents at ticketing tool.
• Helping L2 with required knowledge base details and basic documentations.
• Co-ordination with SOC Monitoring team on troubleshooting issues and highlighting it to L2 L3 for further resolution and escalation.
• High ethics, ability to protect confidential information.
• Also, creation of active channels, reports, lists, filters, modifying the rules (fair knowledge) and dashboard.
• Update and maintain SOC knowledge base for new security incidents and docs.
• Creation of daily status report sheet and submit to SOC Admin lead for review.
• Troubleshooting non-reporting devices and maintain device status reporting
• Troubleshooting issues occurred on daily health check system notifications
• Creating change request tickets for SOC admin activities, issues and incidents.

• Escalation points for SOC Monitoring team.
• Experience in SIEM administration and Event flow architecture and different types of logs generated by devices like Windows, Proxy, Network Devices, Database etc.
• Good understanding of Firewall, IDP/IPS, SIEM functioning
• Providing Inputs and Assisting to Prepare HLD LLD
• Deep understanding of Windows, DB, Mail cluster, VM and Linux commands.
• Knowledge of network protocols TCP/IP and ports.
• Team Spirit and working ideas heading to resolution of issues.
• Good verbal/written communication skills.
• Tools: Good knowledge on: SIEM (Log Rhythm, Qradar, Arc Sight)
• FIM (Tripwire)
• IPS/IDS (IBM, CISCO)
• Firewall (Checkpoint, Cisco ASA, PA