SOC Integration Engineer

SSC Egypt

  • Cairo
  • Permanent
  • Full-time
  • 1 month ago
1. Ensure that all log sources are reporting to the SIEM platform to maintain the availability of the logs.
2. Ensure all the integrated assets are reporting to their relevant solution (such as Data Activity Monitor, File Integrity Monitor, or Firewall Monitor).
3. Monitor the health of the log sources to make sure they are sending proper logs that are used to identify incidents for reporting, detecting incidents, and/or contextual data.
4. Implement use cases over different SOC technologies as required by the Security Intel team to identify incidents.
5. Generate reports as required by SOC management teams to be presented to the management in alignment with the governance document to be used in further data analysis.
6. Create dashboards and periodic reports to ensure that all the integrations are functional and in a healthy posture.
7. Manage the SOC solutions/products by measuring and configuring performance and capacity planning to maintain the effectiveness of the SOC technology stack.
8. Work with system owners to establish SIEM technology to meet the strategic goals of identifying security incidents by defining use cases and technical administration of the SIEM software platform.
9. Modify configuration files to achieve full integrations with different log sources to maintain the correlation effectiveness of the SIEM solution.
10. Deploy and develop customized and non-customized SIEM connectors for supported and unsupported SOC log sources.
11. Follow all relevant department policies, processes, standard operating procedures, and instructions so that work is carried out in a controlled and consistent manner.
12. Follow the day-to-day operations related to own job in the department to ensure continuity of work.

Requirements

  • Bachelor’s degree in Engineering, Computer Science, or equivalent.
  • Minimum 5 - 7 years of experience in SIEM technology platforms
  • Working knowledge of Information Security concepts and practices
  • Knowledge of SIEM solutions
  • Knowledge of Data Activity Monitor and File Integrity Monitor solutions
  • General network knowledge, TCP/IP troubleshooting
  • Familiarity with system log information and what it means
  • Understanding of common network services (web, mail, DNS, DHCP, authentication)
  • Strong shell scripting experience using Bash and Python
  • Experience in configuration management and automation systems such as Ansible, Chef, Puppet
  • Experience with both traditional RDBMS such as MySQL as well as NoSQL systems
  • Knowledge of systems metrics and performance monitoring
  • Experience with virtual environments and containers (Docker, LXC)
  • Strong Linux and Windows knowledge
  • Good understanding of database concepts

Skills:

  • Very good command of English and Arabic language
  • Good communication skills
