Job details
Cyber Security Content Engineer

Working Location: Mons, Belgium
Security Clearance: NATO Secret
Language: High proficiency level in English language

EXPERIENCE AND EDUCATION:

Essential Qualifications/Experience:
- Expert knowledge in cyber security use case development
- Expert knowledge of Splunk Processing Language and Splunk Enterprise Security
- Experience using, developing and testing content for security information event management products (SIEM) e.g. Splunk
- Expert knowledge of malware families, network attack vectors and threat actor tools, techniques and procedures
- Experience developing security content aligned to the MITRE ATT&CK framework
- Experience in endpoint detection and analysis techniques
- Expert knowledge of the principles of computer and communications security, networking, and the vulnerabilities of modern operating systems and applications
- Knowledge and experience using Sigma
- Knowledge and experience using Git

Desirable Qualifications/Experience:
- Experience writing custom Python scripts
- Experience customising Splunk dashboards with JavaScript
- Industry leading certifications in the area of cyber security or Splunk such as GCDA, GCIA
- Strong understanding of Security, Orchestrations, Automation and Response (SOAR) concepts
- Ability to analyse attack vectors against a particular system to determine attack surface

DUTIES/ROLE:
- Provide subject matter expertise, continuously developing and testing detection content within the Network Monitoring and Incident Detection Cell.
- Create security tool content such as searches, reports and dashboards to facilitate the detection and analysis of cyber security incidents.
- Manage and create use case documentation.
- Review and develop logging configurations to enable a comprehensive detection capability, working with Security Tool Managers in order to ensure data collected meets the expected level of quality.
- Track the effectiveness of use cases using KPIs, prioritising areas for improvement
- Continuously evaluate security tool data quality and suggest improvements where necessary
- Work with security analysts and automation engineers to develop and automate complex analysis processes
- Contribute to regular cyber security operations, performing in-depth analysis of suspicious activity to deliver conclusions and recommendations
- Support project activities and the wider operational teams as required

The main deliverables as CSCE will be:
- Provide an average of 139 hours/month working on-site, embedded in the NSCS Ops Branch located in SHAPE, Casteau, Belgium
- Develop new Splunk alerts, searches, reports and dashboards for security monitoring and detection. Each use case must reference the MITRE Attack framework. The service provider is expected to take the initiative to identify detection gaps, monitor the latest threats and offer suggestions for new content to the management team
- Provide and maintain full documentation for all use cases, detailing the purpose of the use cases, how the logic functions and the actions analysts should take during an investigation
- Track the false positive rate of use cases, tuning where necessary. The maximum allowable false positive rate for a use case is 5%
- Develop and maintain Splunk dashboards that identify log parsing issues or logs which are not correctly aligned to the Common Information Model. Any issues shall be immediately reported to the security tools engineers via ticketing systems
- Develop and maintain processes and/or dashboards, ensuring Splunk Data Models are utilising the entire available dataset. Any issues shall be immediately reported to the security tools engineers via ticketing systems
- Review 20 use cases per month, optimising existing queries, improving their design and updating documentation
- Perform regular maintenance and updates of existing detection use cases. All Splunk-related tuning requests shall be actioned within one working day
- Review reports and observables from threat hunting, red teaming, and purple teaming activities. Perform detection gap analysis and recommend solutions, and subsequently lead on the development, testing and implementation
- When required, to improve content, raise change requests and service requests to retrieve new logs, adjust logging levels or modify the configuration of tools such as Sysmon. To achieve success, the service provider must be able to provide expert level guidance to security tools managers and system administrators
- Respond to ad hoc tasks given by the service delivery manager and cell head
- The service provider is expected to provide accurate and complete deliverables in accordance with internal processes
Hiring company
Confidential