Overview
Core42 helps defend its clients from cyber-attacks through timely detection, investigation and remediation of potential threats.
We are looking for a talented Security Engineer and Architect who will work in a fast-paced environment, driving enablement, performance, service maturity and reliability of the managed security services on physical and cloud platforms. The role ensures sound delivery of technical and onboarding projects, systems and services, providing a mixture of project delivery, system integration, maintenance and support across the complete CFC technology stack.
Responsibilities
Develop and maintain security architecture frameworks, standards, and guidelines to ensure the confidentiality, integrity, and availability of information assets.
Co-ordinate with various vendors, other customer teams and business stakeholders on work related to design and setup activities at different stages of a technical project.
Offer innovative solutions that meet business needs while remaining cost-effective.
Identify, liaise on and manage any escalated faults with internal and third-party suppliers for major incidents, improvements or correction of recurring problems related to tools and technology.
Prioritize work efforts dynamically to meet deadlines and work effectively with minimal supervision in a team environment.
Installation, configuration, management, maintenance and support of tools hosted on Windows/Linux platform.
Compile and maintain the necessary documentation of all system designs, builds, runbooks and modifications.
Monitor systems, identify and resolve issues, and prepare status reviews and reports, adhering to strict Service Level Agreements for fault resolution and service request completion.
Solid technical background in a hosted services environment - physical and cloud infrastructure, networks, hardware and software.
Seek opportunities to identify tasks/processes that can support automation, orchestration or otherwise increase CFC operational efficiencies.
Administration and Implementation of SIEM, EDR, SOAR, NDR, VAPT and Azure technology stack.
Troubleshoot complex technical issues related to tool and technology functionality.
Configure and maintain Azure Sentinel workspaces, including data connectors and log collection, to optimize threat detection and analysis.
Identify performance or capacity-related issues and fine-tune the technology stack to deliver optimal performance.
Manage vendor support cases to ensure issues are recorded, tracked, resolved, and follow-ups are done in a timely manner.
Perform regular security patching and application upgrades across the organization to mitigate potential threats and weaknesses in systems and applications.
Work collaboratively with team members and stakeholders, and clearly and proactively communicate work status, key issues and risks to management.
Continuously assess data coverage and areas for improving Azure Sentinel.
Own all documentation related to Azure Sentinel.
Essential Job Functions
Administration and Implementation of SIEM, EDR, SOAR, NDR, VAPT and Azure technology stack.
Experience with industry-recognized SIEM solutions such as ELK, Sentinel, QRadar, ArcSight, Splunk, LogRhythm, etc.
Advanced knowledge of Windows Server, PowerShell, Python and other scripting languages
Integrate SOAR platform with other security tools and APIs through platform inbuilt apps and custom apps to execute automated workflows.
Logging and auditing of cloud infrastructure with Azure Sentinel, and related orchestration efforts.
Integrating security logs into an Azure Log Analytics workspace.
Advanced knowledge of Linux OS
Author, test, and maintain automation scripts/workflows within SOAR platform. Technical troubleshooting and root-cause analysis of SOAR solutions.
Experience configuring and using automated monitoring and orchestration tools such as FortiSOAR, Demisto or Phantom.
Demonstrated ability to document processes and procedures.
Ability to deep dive issues and maintain focus.
Excellent written and oral communications. Experience working with vendors and various solution providers.
Good to have
Experience working in, or related to, Operational Technology (OT), Industrial Control Systems (ICS) and/or IoT industries.
Experience working with various Cloud platforms, such as AWS, GCP or Azure.
Experience working with Artificial intelligence and Machine learning technologies.
Qualifications
BA/BS/BE or MS degree in IT, Computer Science or equivalent required.
8+ years of experience in one or more of the following areas: SIEM administration, Linux OS administration, networking, Windows OS, EDR, Sentinel and NDR.
3+ years of experience with SOAR platforms such as FortiSOAR, Phantom, Cortex, XSOAR, Swimlane, etc.
2+ years of experience in Microsoft Azure Sentinel stack
Azure certifications such as AZ-900, SC-200, SC-100, etc.
Working knowledge of security-related scripting: Python, SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML, Go, Kusto/KQL, PowerShell.
Experience with SOC SOPs, playbooks, work instructions and/or other process documents.
Relevant professional certifications in information technology or cloud security, e.g. CISSP, CCSP, TOGAF, SIEM certifications, Azure certifications, etc.
In-depth understanding of compliance and security controls and various industry standards (NIST, NESA, CIS, etc.).
Strong understanding of computer science: algorithms, data structures, databases, operating systems, networks, and tool development
Network infrastructure understanding, advanced knowledge of TCP/IP and Internet protocols.
Strong ability to communicate, write clearly and speak authoritatively to different audiences.
Good knowledge of firewalls, VPNs, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP and DMZ design.
Excellent communication & problem-solving skills
What we look for
If you are a performance-driven, inquisitive mind with the agility to adapt to ambiguity, you will fit right in. You should be eager to explore opportunities to build meaningful collaborations with stakeholders and aspire to create unique customer-centric solutions. Bias for action and a passion to conquer new frontiers in the AI space is at the heart of the Core42 community.
What working at Core42 offers
Culture: An open, diverse and inclusive environment with a global vision that encourages personal growth and focuses on ground-breaking, industry-first innovations.
Career: Outstanding learning, development and growth opportunities via structured training programs and innovative, high-tech projects.
Work-Life: A hybrid work policy to strike the perfect balance between office and home.
Rewards: A competitive remuneration package with a host of perks including healthcare, education support, leave benefits and more.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.