Security Engineer Threat & Vulnerability - 3395724

DXC Technology
  • 5 - 6 Years
  • Dubai - United Arab Emirates

Job Description

Role Description

The resource hired for this role will be responsible for Threat & Vulnerability Management (TVM) and Digital Forensics & Incident Response (DFIR).

For TVM, the resource will align with the L1/L2 monitoring team to keep a watch on the threat landscape. He will be responsible for developing and maintaining an effective threat model for the whole infrastructure. The resource will perform vulnerability scans and work with the other teams to ensure proper mitigation of the findings in the report.

For DFIR, the resource will evaluate the tools deployed in cyber-attacks as well as ascertain the tactics, techniques and procedures used by cyber-criminals. Research the latest malware families, malware distribution techniques such as exploit kits and phishing campaigns, botnets, develop tools, conduct independent research, perform detailed malware analysis, analyze cyber threat data, create intelligence reports, and provide support to customer requests. In addition, they are also expected to manage and mentor the L1/L2 analysts.

Responsibilities

Threat Management
  • Responsible for administration and maintenance of IPS and EDR solutions
  • Develop and maintain an effective and working threat model based on the Infrastructure

Vulnerability Management
  • Responsible for VA & PT activities on OS, Web Apps, Mobile Apps, Infrastructure Devices, and Databases
  • Perform periodic vulnerability scans to ensure compliance to various standards like PCI, ISO27001, NESA, etc.
  • Filter out false positives, publish report and work with respective teams for patching
  • Involved in Release Management and perform VA scans on pre-release applications or patched application versions
  • Work with the relevant teams to fix all Critical and High vulnerabilities before roll-out in production
  • Perform ad hoc scans on target systems as part of RCA, if required during an incident
  • Interact with all other Operations teams (Application, Infrastructure, Network, etc.) to ensure all reported vulnerabilities are accepted by them for mitigation
  • Participate in Red Team and perform periodic Penetration Tests to identify weaknesses in the infrastructure that can be exploited

Digital Forensics
  • Responsible for DFIR function of the SOC
  • Use specialized equipment and techniques to catalogue, document, extract, collect, package, and preserve all original evidence of an incident
  • Provide Malware Analysis capabilities. This includes Dynamic Analysis, Static Analysis, Binary analysis and Reverse Engineering
  • Extract IOCs from malware attacks and update SIEM with the same
  • Determine TTPs for all confirmed intrusions

Incident Response
  • Conduct detailed scope analyses and provide containment recommendations for all confirmed incidents
  • Provide RCA and Mitigation steps for all confirmed incidents
  • Work with external/internal stake-holders to ensure containment and mitigation of all incidents
  • Perform retrospective analysis of incidents handled and closed by L2 analysts
  • Responsible for owning all confirmed incidents. This includes publishing Incident Report, documenting Lessons Learnt and updating Knowledge Base

Eligibility
  • At least 10 years experience in cyber-security
  • At least 7 years experience in SOC
  • At least 5 years of experience in Finance Sector
  • Solid understanding of standards like PCI DSS, PA DSS, ISO, NESA, NIST etc.
  • Hands-on experience in Vulnerability Assessments using Qualys, Rapid7, Nessus, etc.
  • Expertise in Manual Penetration Testing as well as handling various tools associated with the Penetration Testing like Metasploit, Burpsuite, WireShark, W3af, AirCrack etc.
  • Hands-on experience in administration of IPS systems. Experience in McAfee NSM preferred
  • Hands-on experience in administration of EDR solution. Experience in Palo Alto Traps preferred
  • Advanced knowledge about Threat Modelling Frameworks like STRIDE, PASTA etc.
  • Expertise in Malware Analysis and deployment of associated tools
  • In-depth knowledge of Unix and Windows OS platforms. Well versed with Unix commands

Preferred Skillsets
  • Hands-on experience in developing Yara/Snort/Bro rules
  • Scripting capabilities using Python, JavaScript etc.
  • Good understanding of Security Architecture
  • Good understanding of all Security Technologies and ability to assess them for Configuration and Compliance Conformance
  • Ability to understand client requirement and deliver in a time-bound manner

Certifications
  • Vulnerability Management product certifications (Qualys, Rapid7, Nessus, etc.)
  • SANS GREM or equivalent
  • SANS GCFA or equivalent
  • SANS GPEN or OSCP or equivalent

Profile Summary

Type: Company Job

Eligibility: Any Graduation.

Industry: IT-Software/ Software Services

Deadline: 19th Feb 2025

Company Profile

Not Mentioned