Cyber Defense Analyst (L2/L3)
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Help AG seeks a Cyber Defense Analyst (L2/L3) to join their CSOC team, monitoring multiple client environments, leading analysts, and conducting forensic analysis and threat hunting.
Key Skills for This Role
Responsibilities
- Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources
- Correlate and analyze events using SIEM tools to detect security incidents
- Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services
- Document actions in cases to effectively communicate information internally and to customers
- Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence
- Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles
- Analysis of log files, includes forensic analysis of system resource access
- Create, follow and present customer reports to ensure quality, accuracy, and value to clients
- Creation of new content (Use Cases, Queries, Reports) within the SIEM platform
- Education and training of other analysts in use and operation of SIEM platform
- Generate cybersecurity Threat Intelligence reports
Requirements
- 2 5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics
- Bachelor’s/Master’s Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree
- Experience in using Splunk as an analyst for Threat and Incident Detection is required
- Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques
- Solid understanding of TCP/IP and network concepts and principles
- Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE…etc.)
- Experience with ArcSight, LogRhythm, QRadar is preferable but not mandatory
- Experience with automation tools (SOAR) is preferred
- Experience in Malware Analysis / Reverse Engineering is preferred
- Very good communication skills
- Strong analytical and problem solving skills
Full Job Posting
Overview
- Help AG is looking for a talented and enthusiastic individual to join our Cybersecurity Operations Center (CSOC) team as part of the Managed Security Services (MSS) business unit.
- The Cyber Defense Analyst (L2/L3) will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches.
Responsibilities
- Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
- Correlate and analyze events using SIEM tools to detect security incidents.
- Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to support, investigate, and other cases.
- Document actions in cases to effectively communicate information internally and to customers.
- Resolve problems independently and understand escalation procedure.
- Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
- Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
- Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.
- Perform other essential duties as assigned.
- Analysis of log files, includes forensic analysis of system resource access.
Qualifications
- 2 5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
- Bachelor’s/Master’s Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
- An active interest and passion in cybersecurity, incident detection, network, and systems security.
- A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
- Demonstrable experience of analyzing and interpreting system, security, and application logs.
- Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
- Experience in using Splunk as an analyst for Threat and Incident Detection is required.
- Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.
- Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
- Solid understanding of TCP/IP and network concepts and principles.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.
- Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE…etc.).
Benefits
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement activities throughout the year.
- Tailored training & development program.
About Us
- Help AG is the cybersecurity arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services.
- Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat in Feb 2020.
- Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor agnostic, trustworthy, independent, and cyber security focused.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Help AG, an e& enterprise company
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Help AG is seeking a Cybersecurity Specialist to manage and optimize Imperva Database Activity Monitoring (DAM) for a client in Riyadh. The role involves deploying agents, tuning policies, integrating with SIEM, and ensu
Senior Infrastructure Engineer
Dubai, UAE
Help AG is seeking a Senior Infrastructure Engineer to maintain MSS infrastructure including Windows/Linux servers, switches, firewalls, and cloud environments. The role involves health management, troubleshooting, patch
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Help AG is looking for a talented Associate Cybersecurity Defense Analyst to join their SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incide
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Help AG is hiring an Associate Cybersecurity Defense Analyst for its SOC team. The role involves monitoring security technologies and events using SIEM tools to detect and identify cybersecurity incidents. Candidates nee
IT Support Technician
Dubai, UAE
Help AG is seeking an IT Support Technician to maintain infrastructure and support employees. The role involves endpoint support, user onboarding, and infrastructure monitoring. Requires 1+ years of IT support experience
Offensive Cybersecurity Consultant
Dubai, UAE
Help AG is hiring an Offensive Security Consultant to perform vulnerability assessments, penetration testing, red teaming, and security research. Candidates need 3-4 years of experience, OSCP/OSCE certification, and stro
Security Consultant - Integration
Abu Dhabi, UAE
Help AG seeks an experienced Security Consultant for post-sales integration and pre-sales activities. The role involves deploying security solutions, leading projects, designing architectures, and delivering proof of con
Cyber Automation Intern
Dubai, UAE
Help AG is seeking a Cyber Automation Intern to contribute to Automation & AI initiatives within the Cyber Automation Team. The intern will work on tools like FortiSOAR, Python, AI/ML models, and APIs to automate MSS ope
Cybersecurity Specialist (Database Activity Monitoring)
Riyadh, KSA
Senior Infrastructure Engineer
Dubai, UAE
Associate Cybersecurity Defense Analyst
Riyadh, KSA
Associate Cybersecurity Defense Analyst
Riyadh, KSA
IT Support Technician
Dubai, UAE
Offensive Cybersecurity Consultant
Dubai, UAE
Security Consultant - Integration
Abu Dhabi, UAE
Cyber Automation Intern
Dubai, UAE