Manager Threat Hunting Information Security Group-ISG

• Manage security event monitoring and incident response using SIEM platforms, with preference for Azure Sentinel and ArcSight.
• Analyze and respond to security events from diverse sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications.
• Develop and maintain alert rules and logic within SIEM to ensure accurate detection of security events.
• Assist senior personnel in managing complex security incidents and improving incident response times.
  
  

Security Event Management

• Monitor and respond to security events from SIEM systems (Azure Sentinel & ArcSight preferred).
• Analyze and respond to events from various data sources including firewalls, IDS/IPS, AV, DAM, web servers, proxies, and banking applications.
  
  

Threat And Incident Management

• Develop and implement alert rules and logic in SIEM to detect events of interest.
• Perform accurate, real-time analysis and correlation of logs and alerts from multiple sources.
• Utilize established policies, standards, and procedures to determine which alerts should be classified as security incidents.
• Assist in the resolution of complex security incidents and enhance incident response efficiency.
  
  

Security Improvements And Collaboration

• Improve incident response times, reduce false positives, and enhance threat detection capabilities.
• Contributes to the design, implementation, and documentation of security awareness programs.
• Update and refine existing processes and policies (SOPs, playbooks, runbooks) in line with cybersecurity best practices.
• Work collaboratively with compliance, audit, and regulatory teams to provide necessary information and support.
• Educational Background: Graduate/Postgraduate degree in Science, Engineering, or IT.
• Certifications: Minimum of 2 Professional certifications from CISSP, CISM, CRISC, CISA, or equivalent.
• Expérience:
• Proficient in SIEM Policy reviews and implementation, with experience in Cyber Defense Center or Security Operations Center roles.
• Over 10 years of experience in SOC & CDC, with strong analytical skills and experience in managing security operations.
• Skills:
• Proficiency in SIEM design and implementation.
• Ability to work with various teams to enhance security awareness.
• Strong documentation and report writing skills.
• Knowledge of the banking environment is advantageous.
  
  

The leading financial institution in MENA

While more than half a century old, we proudly think like a challenger, startup, and innovator

in banking and finance, powered by a diverse and dynamic team who put customers first.

Together, we pioneer key innovations and developments in banking and financial services.

Our mandate? To help customers find their way to Rise Every Day, partnering with them through

the highs and lows to help them reach their goals and unlock their unique vision of success.

Delivering superior service to clients by leading with innovation, treating colleagues with dignity and fairness while pursuing opportunities that grow shareholders value.

We actively contribute to the community through responsible banking in our mission to inspire more people to Rise.

---