The Azure/Splunk Sr. Security Engineer will be responsible for the creation of procedures, implementation of process development, and maintenance of security systems across client environments. The Security Engineer will work closely with Management, Senior Engineers, Threat Analysts, Solution Architects, other Security Engineers, and clients to complete high profile, critical services to existing Managed Security Service clients.This position is based out in Dubai, UAE and will be responsible for the administration, maintenance, and integration of Splunk, MS Azure Sentinel, Sentinel UEBA, AIP, Defender, CASB, ATA/ATP & Intune for security operations technical engineering, assessment, and recommendations in the areas of real-time security, operational network & identity management system, and applications systems security.Responsibilities
Design, implement, and support solutions with SIEM (preferably Splunk) and Microsoft security technologies such as Azure Cloud Access Security Broker, Office 365 Advanced Threat Protection (O365 ATP), Microsoft Defender ATP, and their integrations used to deliver internet-scale intelligence and managed security products.
Implement & administer Microsoft Defender (ATP), Azure Cloud Access Security Broker & Azure Threat Protection security products within customer environment Manage and oversee day-to-day activities of Azure IP platform and ensure adherence to enterprise standards in project execution methodology, requirements gathering, quality assurance, and continuous improvement.
Assess customer needs and expectations, design solutions to meet those needs, and then implement the design.
Quickly build and solve a problem using a new technology to determine viability.
Serve as a primary responder for Managed Security customer systems, taking ownership of client configuration issues and tracking through resolution.
Qualifications
Experience and knowledge of Splunk, Azure M365 & MS cloud security is essential.
Security Engineer must possess minimum 5 years of professional experience & Sr Security Engineer must possess minimum 7-8 years of professional experience supporting and maintaining Splunk, Azure M365 System.
4-5 years of experience with administering & managing Splunk and Sentinel SIEM including content development.
Experience in Use cases creation and Content development on Microsoft Sentinel, Splunk SIEM.
Experience in Custom Use cases, Dashboards, Report creation on Microsoft Sentinel, Splunk SIEM.
Knowledge of Integration with tools, data connectors for Microsoft Sentinel, Splunk SIEM.
Knowledge of Splunk, Sentinel architecture, tables and data in Sentinel
Knowledge of Sentinel workbooks and automation & Splunk Enterprise Security.
Professional experience working with networks and network architecture.
College degree or equivalent training with experience working in a Security Operations Center, Managed Security, or client network environment.
Information security knowledge in one or more areas such as EDR - Enterprise end-point security products (e.g., McAfee e-Policy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption, etc.)
Splunk, Azure Log analytics, or equivalent big data engine experience
Experience with MS Azure Information Protection and technologies, including solution architecture, deployment, management, and support in a large global enterprise.
Knowledge of Linux and Windows Operating Systems.
Experience with various other SIEM security products such as: Splunk, ArcSight, Nitro, or LogRhythm and infrastructure components such as proxies, firewalls, IDS/IPS, and DLP
Experience working with clients in a service delivery function.
Shift flexibility, including the ability to provide after-hours support when needed.
Experience working with internal and client ticketing and knowledge base systems for Incident and Problem tracking as well as procedure.
Benefits
Health insurance with one of the leading global providers for medical insurance.
Career progression and growth through challenging projects and work.
Employee engagement and wellness campaigns activities throughout the year.
Excellent learning and development opportunities.
Inclusive and diverse working environment.
Flexible/Hybrid working environment.
Annual flight tickets to home country.
Open door policy.
About UsHelp AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region. Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.