Group SIEM Engineer

KEY ACCOUNTABILITIES

1. Administer and maintain SIEM and SOAR platforms, including configuration, tuning, and updates.
2. Onboarding of Log sources into SIEM platform, enhancing our security monitoring capabilities.
3. Develop and implement correlation rules to detect potential security threats as per threat landscape.
4. Design, implement, and maintain SOAR solutions to automate incident response workflows.
5. Collaborate with cross-functional teams to integrate SOAR with existing security tools and processes.
6. Develop playbooks for incident response and ensure regular testing and updates.
7. Provide recommendation for Security Use-cases and SOAR Playbooks creation and optimization for any new/existing systems.
8. Analyse and integrate threat intelligence data in SIEM and SOAR to enhance detection capabilities and incident response.
9. Stay current with emerging threats and vulnerabilities, integrating relevant intelligence into security practices.
10. Create and maintain documentation for SIEM and SOAR configurations, procedures, and playbooks.
11. Generate regular reports on security incidents, trends, and metrics for management review.
12. Provide training and guidance to team members on SIEM and SOAR best practices.
13. Document all incidents, investigations, and analysis activities accurately and thoroughly.

OTHER

1. Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World s Code of Conduct and Ethics policies.
2. Perform other related duties as assigned.

QUALIFICATIONS, EXPERIENCE AND SKILLS

Knowledge and Experience

• Bachelor s Degree in Computer Science or equivalent.
• Should have 8 -10 years of experience in IT Security with at least 6 years experience in managing SIEM and SOAR solutions including logs onboarding and creation of automated playbooks.
• Technical and hands-on experience across Cyber Security and technology domains.
• Strong hands-On Experience on SIEM and SOAR Solutions.
• Understanding of security frameworks and compliance regulations.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation purposes.
• Excellent analytical and problem-solving skills, with the ability to communicate technical concepts to non-technical stakeholders.
• Strong understanding of the Cyber Kill Chain, pervasive threats attack methods and remediation.
• Industry recognized professional certifications CISSP, GIAC, NSE or Microsoft Azure.
• Good understanding in E-commerce, logistics, supply chain & port operations applications will be added advantage.

Soft Skills

• Sound analytical and intellectual capabilities.
• Excellent time management and organizational skills.
• Decision-making abilities.
• Team player and conflict management skills.
• Ability to multi-task, prioritize, coordinate, and work well under pressure to meet deadlines.
• Strong interpersonal and communication skills ability to work in a team environment.
• Cultural awareness.
• Must possess Excellent Reporting Skills.

Technical Skills

• Knowledge of Security information and event management (SIEM) and Security Orchestration and Automation (SOAR) solutions.
• Hands-on experience with Azure Sentinel SIEM Solution and FortiSOAR platform is desired.
• Experience with log onboarding on SIEM solution.
• Experience with automated playbook creation on SOAR Platform.

#LI-AA6