Cyber Security Analyst

Job type: Permanent
Job ref: 33888
Published: 4 days ago

Role Type: Permanent 

Location: Remote - Egypt

Start: Immediate 

Qualifications of the Role:

• Bachelor's degree in Computer Science, Information Security, or related field.

• The candidate must have extensive experience in incident handling and reporting (at least 3 years in a similar role).

• Professional certifications related to incident response are preferable.

• Strong analytical and problem-solving skills.

• Knowledge of network security zones, Firewall configurations, IDS policies.

• Knowledge of systems communications from Layer 1 to 7.

• Experience with Systems Administration, Middleware, and Application Administration.

• Experience with Network and Network Security tools administration.

• In-depth experience with log search tools and usage of regular expressions.

• In-depth knowledge of packet capture and analysis.

• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).

• Ability to create a containment strategy and execute it.

 

What We Are Looking For?

  • Robust knowledge of Cybersecurity regulations, standards and controls.

  • Fluent in Cyber Incident Detection, Response and Management.

  • Strong understanding of ICT, including Hardware, Software and Networks.

  • Expertise in preparing and analyzing Cybersecurity reports.

  • Experience in ICT / Cybersecurity Audit / Compliance / Regulatory discussions.

  • Professional Certification: Security+, CCNA or CCNP – NSE4A

  • A collaborative team player who fosters a culture of continuous improvement and empowers team members to achieve their best.

  • An individual with a strong commitment to quality, accountability, and ethical practices in project and change management.

  • A candidate with a passion for mentoring and developing talent within the information and cyber security management functions.

  • Fluent in Arabic and English languages.

 

What You Will Be Doing in the Role?

• Provide investigation for escalated security incidents.
• Check for false positives and duplicates.
• Provide communication and escalation throughout the incident per the CSIRT guidelines.
• Communicate directly with data asset owners and business response plan owners during high severity incidents.
• Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets.
• Perform analysis of log files to collect more contextual information in order to triage the security threat.
• Provide forensics analysis and investigation.
• Drive containment strategy during data loss or breach events.
• Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).

• Work directly with data asset owners and business response plan owners during high severity incidents.
• Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.
• Collect contextual information and pursue technical root cause analysis and attack method analysis.
• Make content determination to treat the alert as a security incident and assign a severity level.