Job Description - SOC INTEGRATION ENGINEER (240000XI)
Job Description
SOC INTEGRATION ENGINEER - ( 240000XI )
Description
Ensure that all log sources are reporting to the SIEM platform in order to maintain the availability of the logs.
Ensure all the integrated assets are reporting to their relevant solution (such as Data Activity Monitor, File Integrity Monitor, or Firewall Monitor)
Monitor the health of the log sources to make sure the log sources are sending proper logs that are used to identify incidents for reporting, detecting incidents and/or contextual data.
Implement use cases over different SOC technologies as required by Security Intel team to identify incidents.
Generate reports as required by SOC management teams to be presented to the management in alignment with the governance document to be used in further data analysis.
Create dashboards & periodical reports to ensure that all the integrations are functional and in healthy posture.
Manage the SOC solutions / products through measuring, configuring the performance & capacity planning to maintain the effectiveness of the SOC technologies stack.
Work with systems owners to establish SIEM technology to meet the strategic goals of identifying security incidents by defining Use Cases Technical administration of the SIEM software platform.
Modify configuration files to achieve the full integrations with different log sources to maintain the correlation effectiveness of the SIEM solution.
Deploy and Develop customized and non-customized SIEM connectors for supported and unsupported SOC log sources.
Develop scripts to automate SIEM log collection.
Policies, Processes and Procedures
Follow all relevant department policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner.
Day-to-day Operations
Follow the day-to-day operations related to own jobs in the department to ensure continuity of work.
Compliance
Comply with all relevant CBE regulations, banking laws, AML regulations and internal CIB policies and code of conduct in order to maintain CIB’s sound legal position and mitigate any potential risks.
Qualifications
Qualifications & Experience
Bachelor’s degree of Engineering, Computer Science or equivalent.
Minimum 5 - 7 years of experience in SIEM Technology platforms
Working knowledge of Information Security concepts and practices
knowledge of the SIEM solutions
Knowledge of Data Activity Monitor and File Integrity Monitor solutions
General network knowledge, TCP/IP Troubleshooting
Familiarity with system log information and what it means
Understanding of common network services (web, mail, DNS, DHCP, authentication)
Strong shell scripting experience using Bash, and Python
Experience in configuration management and automation systems such as Ansible, Chef, Puppet
Experience with both traditional RDBMS such as MySQL as well as NoSQL systems
Knowledge of systems metrics and performance monitoring
Experience with virtual environments and containers (Docker, LXC)
Strong Linux and Windows knowledge
Good understanding of Database concepts
Skills
Very good command of English and Arabic language
Good communication skills
Primary Location
: Egypt-Giza-SMART VILLAGE BLDG. 2
Job
: Back Office
Organization
: COO
Shift
: Day Job Job Type : Full-time Employee
Travel
: No
Refer a friend for this job
Tell us about a friend who might be interested in this job. All privacy rights will be protected.
