Roles & Responsibilities:

To ensure continuity of 24x7/365 security services across the company while overseeing security event monitoring, management, and response.
To perform ongoing review and tuning of SIEM scenarios to detect new and more threats and improve detection quality.
To ensure incident identification, assessment, quantification, reporting, communication, and mitigation while confirming SLA compliance, process adherence, and process improvement to achieve operational objectives.
To ensure daily management, administration, and maintenance of security devices under the purview of the SOC which consists of state-of-the-art technologies.
To perform threat hunting, threat management, and threat modeling, identify threat vectors, and develop use cases for security monitoring.
To be responsible for overseeing the integration of standard and non-standard logs in SIEM and review/ revise the processes to strengthen Security Operations.
To gather evidence, evaluate risk, and deliver a plan to respond to contain and remove security threats as quickly and safely as possible.
To verify discovered vulnerabilities according to metrics; correlate and collate the information; apply treatment and hardening and create intelligence reports that communicate the results of the analyses to management and related stakeholders.
To build and maintain positive working relationships with stakeholders including cooperating with CRA and FATA Police to meet their requirements.
To define, develop, and review key security performance indicators that ensure service delivery and service improvements.
To implement and continually improve Digital Forensics capability, tools, and processes.
To develop and revise processes to strengthen the current Security Operations framework, review policies, and highlight the challenges.
To educate ITS /NWG/ ICS on the importance of security monitoring and the need for improvement in log collections.
To expand, tune, and health check cyber defense tools and technologies (NBA, EDR, XDR, DAM, SOAR, etc.).
To liaise with ITS, NWG, and IFM teams to define new scenarios to detect unauthorized and malicious activities.
 
Job Requirements:

Minimum of 2 years of experience in SOC/CSIRT areas
Experience working in a medium to large organization
Experienced with log analysis tools, creating parsers, correlation rules, and managing reports and dashboards
Experience in developing, documenting, and maintaining security procedures and playbooks
Bachelor’s degree in technology systems (Information Technology/ Computer Engineering /Information Security) or related discipline
Related certificates like CEH, SANS, CISSP is desirable