At Careem, we are driven by the purpose of simplifying the lives of people and building an awesome organization that inspires. Based in Dubai, we started our journey as a pioneer of the Middle East’s ride-hailing economy. Today, Careem is the region’s everyday Super App operational in 13 countries and over 100 cities. The Super App provides a host of daily services that people need to move around, to order things and to transfer money in one unified smartphone app. Our goal is to simplify people’s daily lives so that they can spend their precious time and mindshare on things that really matter and on realizing their potential.
Careem is looking for an experienced Senior Security Analyst with extensive experience in network forensic analysis and incident response. The preferred candidate should also be able to identify the root cause of compromised systems using full packet captures of network activity and log data. Candidates must be able to work within a team and coordinate their work with that team.
SOC analysts will be responsible for monitoring computer security events according to documented procedures and industry best practices, acting as the first line of defense in protecting Careem's information systems from internal and external threats.
The Senior SOC Analyst will be responsible for working within a team to provide continuous security monitoring and incident handling, threat and vulnerability management, threat hunting, incident response, and purple teaming as day-to-day tasks.
This is a shift-based role, providing 24/7/365 security services to the business. The successful applicant will have a demonstrable passion for security and a willingness to progress within the role and support the Senior SOC Analysts with rule tuning, use case development, purple teaming, threat and vulnerability management, threat hunting, DFIR, and cyber threat intelligence.
A minimum of 7 years of operational experience is preferred, in a security operations center, threat intelligence, insider threat operations, threat management, cyber security, information security or related functions.
Bachelor's degree in Computer Science, Management Information Systems, Information Systems, or a related field/experience is required. Experience within financial services areas is preferred.
Considerable knowledge and understanding of common cyber security technologies and tools such as firewalls, IDPS, network access control, DDoS mitigation, endpoint detection and response, threat intelligence, vulnerability management, encryption and authentication, and cloud infrastructure (AWS, Azure) is advantageous.
Strong knowledge of Security Methodologies and Frameworks.
Must have experience:
- Minimum 7 years’ experience performing incident response with an emphasis on system compromise analysis
- Ability to analyze captured data to perform incident response and identify potential compromises to customer networks
- A solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products
- Ability to perform network-based forensics and log analysis
- Strong understanding of incident response methodologies and technologies
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers
- Experience with log management and/or SIEM technologies such as the ELK stack, Splunk, ArcSight, and LogRhythm
- Experience with network monitoring tools such as RSA NetWitness and Blue Coat Security Analytics is a plus
- Malware analysis and reverse engineering is a plus
- Technical certifications considered an asset: CISSP, GCIH, GCIA, GCFA, GPEN
- Candidates must be reliable and able to function as part of a 24x7 operations center; experience in a highly available 24x7 enterprise operational environment is required
Proven success in running a SOC function/team, including (but not limited to):
- Experience maintaining metrics, reporting and SLAs
- Security operations experience with operating systems, cloud infrastructures and services (e.g. AWS, GCP) and customer-facing web applications
- Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
- Strong analytical skills and attention to detail
- Experience around security processes and technologies
- Ability to research, analyze, and resolve complex problems with minimal supervision and escalate issues as appropriate
- Thorough documentation skills
- Outstanding written and verbal communication skills
- Must be a highly motivated individual with the ability to self-start, prioritize, and multi-task