Job Opportunities in Qatar
October 15, 2024
Proztec
Doha
FULL TIME
SOC L2 Analyst
Job Title: SOC L2 Analyst
Reports to: SOC Manager
Department: Information Technology Services
Job Purpose
The SOC L2 Analyst plays a key role in providing 24/7 security monitoring and incident response for IT and Operational Technology (OT) systems. This position focuses on investigating and responding to high-priority security incidents, particularly those targeting OT systems.
Key Responsibilities
Pay: QAR6,000.00 - QAR12,000.00 per month
Reports to: SOC Manager
Department: Information Technology Services
Job Purpose
The SOC L2 Analyst plays a key role in providing 24/7 security monitoring and incident response for IT and Operational Technology (OT) systems. This position focuses on investigating and responding to high-priority security incidents, particularly those targeting OT systems.
Key Responsibilities
- Investigate and analyze high-priority security incidents, especially those affecting OT systems.
- Serve as an escalation point for SOC L1 Analysts for IT and OT incidents.
- Analyze alerts from SIEM and other tools to assess potential threats to IT and OT infrastructures.
- Escalate critical security incidents to senior analysts or SOC L3 Analysts, especially for OT systems.
- Act as Incident Responder for non-major OT security incidents, recommending actions to contain and resolve issues.
- Mentor SOC L1 Analysts, especially in handling OT-related security incidents.
- Respond to service requests and tickets related to OT systems that SOC L1 cannot handle.
- Manage SOC tickets and ensure incidents are resolved within SLA timeframes.
- Fine-tune detection rules and provide feedback to improve OT threat detection.
- Assist in creating reports and improving SOC processes related to OT environments.
- Ensure all IT and OT security incidents are handled within agreed SLAs.
- Manage SOC tickets and service requests efficiently, with timely resolution for OT-related issues.
- Help minimize SLA breaches, particularly for OT incidents.
- Ensure compliance with security standards such as ISO 27001 and OT-specific frameworks like NIST SP 800-82.
- 5+ years of experience investigating security incidents using SIEM solutions (e.g., Azure Sentinel, Splunk, Arc Sight).
- Experience with vulnerability scanning tools (e.g., Qualys, Tenable) for both IT and OT infrastructures.
- Familiarity with security tools like EDR, NDR, IDS/IPS, Firewalls, Darktrace, and OT security tools for SCADA systems.
- Expertise in MITRE ATT&CK and understanding attack techniques for both IT and OT environments.
- Strong knowledge of network security, including OT-specific protocols like Modbus and DNP3.
- Experience in investigating logs from various sources, including OT devices and security tools.
- Familiarity with scripting tools like Python or Power Shell and OT automation tools.
- Understanding of OT security standards like NIST SP 800-82 and ISA/IEC 62443.
- Advanced knowledge of SIEM solutions, particularly for OT environments.
- Certifications in penetration testing or blue/purple team operations with a focus on OT security.
- Experience in training or mentoring junior SOC staff in OT incident detection.
- Certifications such as GCIH, GMON, SC-200, or SIEM product certifications (Splunk, Azure Sentinel, etc.) are highly valued.
Pay: QAR6,000.00 - QAR12,000.00 per month
Latest Job Opportunities
October 19, 2024
ASMACS QATAR
FM OPERATIONS TEAM LEAD-SOFT SERVICE (cleaning/housekeeping)
Doha
FULL TIME
View DetailsSimilar Jobs
September 12, 2024
Assets Group
Organizational Development Analyst
Doha
OTHER & FULL TIME
View DetailsNew Jobs from This Company
October 15, 2024
Proztec
Job Opportunity - SOC Engineer (SOC Tools Administrator)
Doha
FULL TIME
View Details