Senior Cyber Security CSOC Specialist
ENEC
Total years of experience: 17 years, 0 months
* Security Monitoring of OT & IT networks
* Review log baseline on end devices/applications
* Develop use cases for custom applications
* Perform RCA for ADDA reported security incidents
* Threat Hunting
* Prepare/review SOP, IRP, etc. documents
* Develop playbooks for different types of security alerts
SOC Lead / IT Security Compliance team
Company Profile: A leading state-owned oil company of the UAE; worked under the payroll
of Al Rostamani Communications LLC (earlier via Alpha Data and Paramount Computer
Systems).
Contribution:-
• Managed SOC team, which includes preparing shift roster, reviewing shift handover
document, reviewing daily, weekly, monthly compliance reports, etc.
• Worked in cyber security/Security Incident Response team.
• Knowledge of threat areas and common attack vectors (malware, phishing, APT,
technology attack etc.).
• Review log baseline to enable auditing on end devices/applications
• Providing seminars/training to SOC team.
• Provide incident investigation report as per Security Incident Management Process
/ Guidelines
• Perform Root cause analysis (RCA) for the incidents and update the knowledge
management.
• Configure real time cyber security alerts for significant incidents/corporate policy
violation; develop custom dashboards for the effective monitoring and analysis of
the security logs.
• Configure security alert/use cases as per NESA (National Electronic Security
Authority).
• Review SLA report of security incident alerts/tickets.
• Prepare/review documents like SOC SOP, Security incident handling and reporting,
Security Incident response, etc.
3. Etisalat
Worked for Etisalat under the payroll of Technologia Etisalat Software
Solutions, which is an Etisalat company.
Contribution:-
• Prepare log baseline to enable auditing on end devices/applications
• Support integration of new log sources like security devices, servers, applications,
etc. into the SIEM tool for security event monitoring and security alerting/reporting.
• Review/health check of 5000+ log sources, SIEM manager, database, agents, etc.
• Managing 8 SOC team members, which includes preparing shift roster, reviewing shift
handover document, reviewing daily, weekly, monthly reports, etc.
• Configure real time security alerts for significant incidents/corporate policy
violation, develop custom dashboards for the effective monitoring and analysis of
the security logs.
• Configure aggregation, filter out unwanted/noisy events, etc. at agent level
• Configure security alert/use cases as per NESA (National Electronic Security
Authority).
• Review SLA report of security incident alerts/tickets.
• Prepare/review documents like SOC SOP, Security incident handling and reporting,
Security Incident response, etc.
• Detect and initiate take down process for phishing sites targeting Etisalat.
• Managing IPS devices, public SFTP server, etc.
Company Profile: Mobily is the trade name of Saudi Arabia's second largest
Telecommunications Company, Etihad-Etisalat consortium. Mobily Infotech is giving
Offshore Support to Saudi Mobily from Bangalore.
Contribution:-
• Installation of Agents for new assets and maintenance of existing asset agents.
• Configure use cases/real time security alerts for security events.
• Configure dashboards, data monitor, active channel etc for SOC monitoring.
• Prepare custom reports, ad hoc reports, filters, active channels, etc.
• Prepare daily, weekly, monthly and trend reports.
• Ensuring SLA adherence, follow up with the asset owners and ensure that the call
raised is closed on time. Raise incident call based on the analysis of daily reports,
real time alerts and monitoring dashboards
Company Profile: Paladion Networks (ISO: 27001 certified) is a global full service managed
security provider committed to delivering technology solutions to ensure
impenetrable security to 400+ clients in 15 countries across Asia, US and Europe