Senior Cybersecurity, SOC, IR, TI and SOAR Consultant
HP - Saudi Arabia
Total years of experience: 15 years, 8 months
Responsibilities
• Lead, develop and implement SOC technology.
• Plan, design, and lead implementation of SOAR playbooks.
• Responsible for managing the SOC team for incident management and threat intelligence.
• Develop and implement the SOC's playbooks and SOPs.
• Ensure service level agreements (SLAs) are met.
• Review and update IT Security Architecture.
• Develop, implement and measure IT SOC framework.
• Develop, implement and monitor Information Security Policy, Procedure and Guideline.
• Develop and implement an ongoing risk management program.
• Secure the network, system and application layers of the IT architecture by reviewing system designs against best practices and vendor recommendations.
• Compliance with laws and regulations such as QCERT-NIAM and NCA-ECC.
• Compliance with best practices and standards such as ISO 27001/27002, NIST CSF, HP SOMM, etc.
• Secure configuration and hardening of IT Systems.
• Design, implement, operate and manage technical IT security controls.
Achievements
• Plan, design, build, lead implementation and fine-tune Phantom SOAR playbooks, such as phishing, malware, unauthorized access and privileged account playbooks.
• Establish dashboards and reports for management and customers.
• Review and update CSIRP, Cybersecurity Emergency and Crisis Plan.
• Develop and implement SOC communication Plan.
• Develop and implement IT/OT SOC services such as:
o L1 & L2 playbooks such as phishing email, malicious code, unauthorized access, privileged account, etc.
o SOAR/Phantom runbooks and workbooks.
o Alert Triage Process.
o Root Cause Analysis (RCA) Process.
o False positive incident fine-tuning process.
o Incident Severity Classification Guideline.
o VERIS Framework.
o Incident Escalation Process.
o Cybersecurity Incident Communication Plan.
o Threat Intelligence Framework (TIP).
o Threat Detection Process.
o Security Emergency and Crisis Plan.
• Lead implementation of SIEM (Splunk).
• Develop and measure SOC performance using KPIs and metrics.
• Participate in developing the SOC ticketing system in Archer.
• Conduct quality assurance to ensure processes are implemented and followed by the SOC team.
• Monitor, measure and ensure SOC SLAs and KPIs are achieved.
• Design, implement and operate NGFWs (Palo Alto, FortiGate, Cisco ASA).
• Design, implement and operate the vulnerability management solution (Tenable).
• Lead implementation of the ISO 27001 Information Security Management System (ISMS), successfully certified.
• Establish and implement information security policies and procedures in line with NCA and ISO 27001/27002.
• Compliance with best practices and standards such as ISO 27001/27002, NIST CSF, HP SOMM, etc.
• Compliance with laws and regulations such as QCERT-NIAM and NCA-ECC.
• Nessus vulnerability management project.
• Implement a security gap analysis to meet ISO 27001:2013.
• Cisco WLAN project design and security protections.
• Cisco core switch 6509E design, implementation and configuration.
• VPN design, implementation and configuration.