{bc}
linkedin

SECURITY ARCHITECT

Atos
Sharjah, UAE
Contract
Senior
Onsite
1 months ago
ArcSight ESMArcSight LoggerSIEM AdministrationIncident ResponseThreat HuntingMITRE ATT&CK
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

ArcSight ESMArcSight LoggerSIEM Administration
Smart Apply

Full Job Posting

About Atos Group

  • Atos Group is a global leader in digital transformation with c. 56,000 employees and annual revenue of c. €7.2 billion.
  • European number one in cybersecurity and a leader in cloud, Atos Group is committed to a secure and decarbonized future.

Role Summary

  • We are looking for an experienced SOC Administrator / Senior SOC Analyst with strong hands on experience in ArcSight SIEM administration, SOC operations, incident investigation, SIEM engineering, threat hunting, and security solutioning.
  • The candidate will be deployed onsite at a customer location and will act as a senior technical security resource.

Key Responsibilities SOC Administration & SIEM Management

  • Administer and manage ArcSight ESM, ArcSight Logger, Elastic Search, SmartConnectors, content packs, rules, dashboards, reports, active channels, filters, and correlation use cases.
  • Monitor SIEM platform health, connector status, event flow, EPS utilization, storage, parsing quality, and log source availability.
  • Troubleshoot log ingestion issues, connector failures, parsing errors, event normalization issues, and correlation rule performance problems.
  • Perform SIEM tuning to reduce false positives and improve detection accuracy.
  • Develop and maintain SIEM content including correlation rules, dashboards, reports, threat use cases, and alert workflows.
  • Support onboarding of new log sources including network devices, servers, cloud platforms, EDR, AV, IAM, and application logs.
  • Maintain documentation for SIEM architecture, log source inventory, use cases, SOPs, escalation matrix, and operational runbooks.

Key Responsibilities SOC L3 Operations & Incident Response

  • Perform deep dive analysis of security alerts, suspicious activities, malware detections, endpoint events, cloud events, and network anomalies.
  • Lead incident triage, validation, containment recommendations, root cause analysis, and post incident reporting.
  • Review and improve SOC investigation workflows, alert handling procedures, and escalation processes.
  • Perform threat hunting across SIEM, EDR, endpoint, cloud, firewall, proxy, DNS, identity, and email security logs.
  • Support customer security teams during major incidents, audit queries, and security improvement initiatives.

Key Responsibilities SIEM Engineering & Detection Engineering

  • Design, develop, and enhance security monitoring use cases aligned with MITRE ATT&CK, current threat trends, and customer risk priorities.
  • Translate business and technical risks into actionable SIEM detection logic.
  • Create and tune detection rules for endpoint threats, privilege abuse, lateral movement, brute force, suspicious cloud activity, data exfiltration, malware, ransomware, and insider threats.
  • Validate rule logic, reduce noisy alerts, and improve SOC investigation quality.
  • Support integration of SIEM with ticketing tools, SOAR platforms, automation scripts, threat intelligence feeds, and customer security tools.

Key Responsibilities Security Technology Support

  • Work with and support technologies such as EDR/XDR platforms, Antivirus/endpoint protection, Linux/Windows security logging, Azure security services, AWS security services, CloudTrail, Azure AD/Entra ID, Defender, firewall, proxy, DNS, IAM, VPN, server logs, threat intelligence, threat hunting platf
  • Assist in security solutioning, tool integration, and operational improvement discussions with the customer.
  • Identify gaps in monitoring, visibility, detection coverage, and response processes.

Key Responsibilities Customer Facing Responsibilities

  • Work onsite with the customer’s security and IT teams on daily SOC operations.
  • Provide clear technical guidance and help the customer make informed security decisions.
  • Prepare daily, weekly, and monthly SOC reports, incident summaries, health checks, and improvement recommendations.
  • Communicate professionally with customer stakeholders, SOC teams, and management.
  • Take ownership of issues and follow through until resolution.
  • Maintain a calm, confident, soft spoken, and collaborative working style.

Required Skills & Experience

  • 5–8+ years of cybersecurity experience, with strong exposure to SOC operations and SIEM administration.
  • Hands on experience with SIEM, preferably ArcSight ESM, Logger, SmartConnectors, correlation rules, dashboards, reports, and connector management.
  • Prior experience working in a combined SOC Admin + SOC L3 Analyst role.
  • Strong understanding of SOC processes, alert triage, incident response, escalation handling, and threat hunting.
  • Good knowledge of security event analysis across firewall, proxy, endpoint, server, identity, cloud, email, DNS, and application logs.
  • Experience with EDR, antivirus, Linux, Windows logs, Azure, AWS security, SIEM engineering, and security automation.
  • Ability to create and tune SIEM rules, dashboards, reports, and monitoring use cases.
  • Strong understanding of MITRE ATT&CK, cyber kill chain, common attack techniques, malware behavior, phishing, brute force, privilege escalation, and lateral movement.
  • Good documentation and reporting skills.
  • Strong troubleshooting ability for SIEM, connectors, log ingestion, parsing, and platform health issues.
  • Ability to work independently at customer site with minimal supervision.

Preferred Certifications

  • ArcSight / SIEM specific certification
  • Microsoft Azure Security certification (AZ 500 or equivalent)
  • AWS Security Specialty or equivalent
  • CEH or equivalent
  • CompTIA Security+, CySA+, GCIA, GCIH, GCFA, SC 200, SC 100, CISSP, CISM, or equivalent

Preferred Candidate Profile

  • Currently based in the UAE or immediately available to relocate.
  • Comfortable working full time onsite at customer premises.
  • Technically hands on and operationally mature.
  • Confident in dealing with customer stakeholders.
  • Soft spoken, professional, and composed during pressure situations.
  • Proactive and willing to take initiative beyond routine monitoring.
  • Capable of guiding customer teams in decision making with practical security recommendations.
  • Strong in both technical execution and customer communication.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Atos