Overview
Core42 helps defend its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats.
We are looking for a talented Security Engineer and Architect who will work in a fast-paced environment, driving enablement, performance, service maturity and reliability of the managed security services on physical and cloud platforms. The role ensures sound delivery of technical and onboarding projects, systems and services, providing a mixture of project delivery, system integration, maintenance and support around the complete CFC technology stack.
Responsibilities
- Develop and maintain security architecture frameworks, standards, and guidelines to ensure the confidentiality, integrity, and availability of information assets.
- Co-ordinate with various vendors, other customer teams and business stakeholders on work related to design and setup activities at different stages of a technical project.
- Offer innovative solutions that meet business needs while remaining cost effective.
- Identify, liaise on and manage any escalated faults with internal and 3rd party suppliers for major incidents, improvements or correction of recurring problems related to tools and technology.
- Prioritize work efforts dynamically to meet deadlines and work effectively with minimal supervision in a team environment.
- Installation, configuration, management, maintenance and support of tools hosted on Windows/Linux platform.
- Compile and maintain the necessary documentation of all system designs, builds, runbooks and modifications.
- Monitor systems, identify/resolve issues, prepare status reviews and reports, adhering to strict Service Level Agreements for fault resolutions and service request completions.
- Solid technical background in a hosted services environment - physical and cloud infrastructure, networks, hardware and software.
- Seek opportunities to identify tasks/processes that can support automation, orchestration or otherwise increase CFC operational efficiencies.
- Administration and Implementation of SIEM, EDR, SOAR, NDR, VAPT and Azure technology stack.
- Troubleshoot complex technical issues related to tool and technology functionality.
- Configure and maintain Azure Sentinel workspaces, including data connectors and log collection, to optimize threat detection and analysis.
- Identify performance or capacity-related issues and fine-tune the technology stack to deliver optimal performance.
- Manage vendor support cases to ensure issues are recorded, tracked, resolved, and follow-ups are done in a timely manner.
- Perform regular security patching and application upgrades across the organization to mitigate potential threats and weaknesses in systems and applications.
- Work collaboratively with team members and stakeholders, and clearly and proactively communicate work status, key issues and risks to management.
- Continuously assess data coverage and areas for improving Azure Sentinel.
- Own all documentation related to Azure Sentinel.
Essential Job Functions
- Administration and Implementation of SIEM, EDR, SOAR, NDR, VAPT and Azure technology stack.
- Experience with industry-recognized SIEM solutions such as ELK, Sentinel, QRadar, ArcSight, Splunk, LogRhythm, etc.
- Advanced knowledge of Windows Server, PowerShell, Python and other scripting languages.
- Integrate SOAR platform with other security tools and APIs through platform inbuilt apps and custom apps to execute automated workflows.
- Logging and auditing cloud infrastructure with Azure Sentinel and orchestration efforts
- Integrating security logs into Azure Log Analytics Workspace
- Advanced knowledge of Linux OS
- Author, test, and maintain automation scripts/workflows within SOAR platform. Technical troubleshooting and root-cause analysis of SOAR solutions.
- Experience with configuring and using automated monitoring tools such as FortiSOAR, Demisto, Phantom
- Demonstrated ability to document processes and procedures.
- Ability to deep dive issues and maintain focus.
- Excellent written and oral communications. Experience working with vendors and various solution providers.
Good to Have
- Experience working in, or related to, Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
- Experience working with various Cloud platforms, such as AWS, GCP or Azure.
- Experience working with Artificial intelligence and Machine learning technologies.
Qualifications
- BA/BS/BE or MS degree in IT, Computer Science or equivalent required.
- 8+ years of experience in one or more of the following areas: SIEM administration, Linux OS administration, networking, Windows OS, EDR, Sentinel and NDR.
- 3+ years of experience with SOAR platforms such as FortiSOAR, Phantom, Cortex, XSOAR, Swimlane, etc.
- 2+ years of experience in Microsoft Azure Sentinel stack.
- Certification in Azure AZ900, SC200, SC100, etc.
- Working knowledge of security-related scripting, Python, SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML, Go, Kusto/KQL, PowerShell.
- Experience with SOC SOPs, playbooks, work instructions and/or other process documents.
- Relevant professional certifications in information technology or cloud security e.g. CISSP, CCSP, TOGAF, SIEM Certifications, Azure certifications, etc.
- In-depth understanding of compliance and security controls and various industry standards: NIST, NESA, CIS, etc.
- Strong understanding of computer science: algorithms, data structures, databases, operating systems, networks, and tool development.
- Network infrastructure understanding, advanced knowledge of TCP/IP and Internet protocols.
- Strong ability to communicate: write clearly and speak authoritatively to different audiences.
- Good knowledge of firewalls, VPN, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ.
- Excellent communication and problem-solving skills.
What We Look For
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.
What Working At Core42 Offers
Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
Career: Outstanding learning, development & growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life: A hybrid work policy to strike the perfect balance between office and home.
Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.