Associate Cybersecurity Defense Analyst
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Help AG is hiring an Associate Cybersecurity Defense Analyst for its SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incidents.
Key Skills for This Role
Responsibilities
- Follow detailed operational processes to analyze, escalate, and assist in remediation of critical information security incidents
- Handle tickets and large queues, prioritize based on criticality of alerts
- Correlate and analyze events using SIEM tools to detect IT security incidents
- Monitor logs from multiple security technologies (SIEM, IDS/IPS, Firewalls, VPNs, etc.)
- Monitor logs across Microsoft platforms like Sentinel, Defender, ATP
- Respond to inbound requests for technical assistance with managed services
- Respond in a timely manner within documented SLA
- Maintain high awareness of the current threat landscape
- Participate in knowledge sharing and write technical articles for internal knowledge bases
- Perform other essential duties as assigned
Requirements
- 0 3 years of experience in information security (security operations, intrusion detection, incident analysis, etc.)
- 0 2 years of experience in network operations/engineering or system administration on Unix/Linux/Windows
- Degree in Computer Science, Information Systems, Electrical Engineering or related field
- Sound knowledge of IT security best practices, common attack types and detection/prevention methods
- Experience analyzing system, security, and application logs
- Knowledge of events produced by Firewalls, IDS/IPS, and other security devices
- Experience using SIEM tools such as Splunk, Log Rhythm, QRadar
- TCP/IP knowledge, networking, and security product experience
- Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks
- Ability to work rotating shifts in a 24/7 environment
Full Job Posting
Role Overview
- Help AG is looking for a talented Associate Cybersecurity Defense Analyst who will be an integral part of our Security Operations Centre (SOC) team for our Managed Security Services (MSS) unit.
- The Level one (I) MSS Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify Cyber security incidents.
This Role Requires
- 0 3 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration
- 0 2 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows
Responsibilities
- Follow detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Handling tickets and large queues and efficiently prioritize based on criticality of alerts.
- Reach out for assistance in case of initial triage/categorization/prioritization of alerts.
- Correlate and analyze events using the Splunk/Log Rhythm/QRadar SIEM tool to detect IT security incidents.
- Monitor logs in/from multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
- Monitor logs across Microsoft platforms like Sentinel, Defender, ATP etc.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to support, threat, and other cases.
- Maintain a high degree of awareness of the current threat landscape.
- Participate in knowledge sharing with other analysts and assist in writing technical articles for Internal knowledge Bases.
- Perform other essential duties as assigned.
- Able to work in rotating shifts within a 24/7 operating environment.
Qualifications & Skills
- A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
- An active interest in internet security, incident detection, network, and systems security.
- A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
- Demonstrable experience of analyzing and interpreting system, security, and application logs.
- Knowledge of the type of events that both Firewalls, IDS/IPS, and other security related devices produce.
- Experience in using SIEM tools such as Splunk, Log Rhythm, QRadar, Alien Vault, NitroSecurity, etc.
- Good to have knowledge across platforms like Sentinel, Microsoft defender, ATP.
- TCP/IP knowledge, networking, and security product experience.
- Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
- CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
- Outstanding organizational skills.
Benefits
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement activities throughout the year.
- Tailored training & development program.
About Us
- Help AG is the cybersecurity arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services.
- Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.
- Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor agnostic, trustworthy, independent, and cyber security focused.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Help AG, an e& enterprise company
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Help AG is seeking a Cybersecurity Specialist to manage and optimize Imperva Database Activity Monitoring (DAM) for a client in Riyadh. The role involves deploying agents, tuning policies, integrating with SIEM, and ensu
Senior Infrastructure Engineer
Dubai, UAE
Help AG is seeking a Senior Infrastructure Engineer to maintain MSS infrastructure including Windows/Linux servers, switches, firewalls, and cloud environments. The role involves health management, troubleshooting, patch
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Help AG is looking for a talented Associate Cybersecurity Defense Analyst to join their SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incide
IT Support Technician
Dubai, UAE
Help AG is seeking an IT Support Technician to maintain infrastructure and support employees. The role involves endpoint support, user onboarding, and infrastructure monitoring. Requires 1+ years of IT support experience
Offensive Cybersecurity Consultant
Dubai, UAE
Help AG is hiring an Offensive Security Consultant to perform vulnerability assessments, penetration testing, red teaming, and security research. Candidates need 3-4 years of experience, OSCP/OSCE certification, and stro
Security Consultant - Integration
Abu Dhabi, UAE
Help AG seeks an experienced Security Consultant for post-sales integration and pre-sales activities. The role involves deploying security solutions, leading projects, designing architectures, and delivering proof of con
Cyber Automation Intern
Dubai, UAE
Help AG is seeking a Cyber Automation Intern to contribute to Automation & AI initiatives within the Cyber Automation Team. The intern will work on tools like FortiSOAR, Python, AI/ML models, and APIs to automate MSS ope
Pre-Sales Solution Architect (Arabic Speaker)
Dubai, UAE
Help AG is seeking a Pre-Sales Solution Architect to discover opportunities, position security solutions, and create technical content for proposals. The role requires strong consulting skills, cybersecurity knowledge, a
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Senior Infrastructure Engineer
Dubai, UAE
Associate Cybersecurity Defense Analyst
Riyadh, KSA
IT Support Technician
Dubai, UAE
Offensive Cybersecurity Consultant
Dubai, UAE
Security Consultant - Integration
Abu Dhabi, UAE
Cyber Automation Intern
Dubai, UAE
Pre-Sales Solution Architect (Arabic Speaker)
Dubai, UAE