Utilizing established policies, standards and procedures, determine which security alerts and notifications should be identified as information security incidents.
Keep abreast of relevant technological changes and plan for new technology insertion.
Communicate and follow up on potential security risks detected by the SOC infrastructure.
Manage security incidents identified by the SOC infrastructure.
Respond to security incidents according to the Security Incident Response processes.
Process security events identified by the SOC environment.
Manage vulnerabilities according to predefined processes.
Follow up on the mitigation of vulnerabilities.
Deliver security reports, according to defined KPIs, to the Information Security Manager.
Handle user reported cases of potential phishing, and spear phishing campaigns.
Research and analyze a wide variety of commodity and APT-based malware and techniques.
Perform cyber and technical threat analyses of hostile nation-states, hacker groups, terrorist organizations and other bad actors able to do harm to NRC networks.
Conduct link analysis of technical data using software tools to identify trends in attacks, targeting, and timing of suspicious/malicious activity.
Produce situational, incident-related reports on cyber threats that could affect organization networks.
Perform advanced analyses of potentially malicious activities that have occurred, or are believed to have occurred, on the organization network.
Handle the initial investigation of DDoS and malware-related alerts (JavaScript, *.php).
Handle the initial investigation of malware-related alerts (JavaScript, *.php).
Monitor and respond to security events from the SIEM.
Respond to support tickets in a timely manner (within the documented SLA).
Be available, ready, and able to promptly handle incoming support calls in support of our contractual customer SLAs.
Job Requirements
Bachelor's degree in Computer Science, Information Technology, or Telecommunications.
1 to 3 years of previous related work experience.
Understanding of electronic investigation and log correlation.
Proficiency with the latest intrusion detection platforms.
Event and incident management.
Security+, GCIA, CEH, CIH, or CISSP certification preferred.
Very good English both written and spoken.
Excellent cross-department communication and coordination skills.
Al-Ahly Capital for Microfinance “Al-Ahly Tamkeen” is a company specialized in providing financial services for micro enterprises, operating throughout the Arab Republic of Egypt, and seeking to occupy its place at the forefront of this type of compa