A well-known and well-reputed Company based in Dubai, United Arab Emirates is looking for an experienced, skilled, competent, mature, qualified, creative, and intelligent candidate with significant knowledge and relevant working experience for the position of “Security Operations Manager”.
Master's Degree | Bachelor's Degree
3 – 5 years of Relevant Experience Required
18,000 AED – 20,000 AED
Full Time | Permanent
Who we are?
Want to work for the most exciting digital company in the Middle East? noon.com is a technology leader with a simple mission: to create world-class digital marketplaces for consumers and businesses across the Middle East.
Starting in 2017 with noon.com, the region’s homegrown e-commerce platform and leading online shopping destination, noon is now an ecosystem of services – noon, noon daily, noon food, NowNow, SIVVI, noon VIP, and noon pay – all developed to help empower and inspire a generation of diverse, digital-first consumers and businesses.
We are creating a local digital champion to empower the region and accelerate the digital economy and are looking for the best talent in the world to join our team.
What we are looking for:
Noon Security Team is looking for a talented and experienced Security Operations Lead. The ideal candidate has a diverse security skill set (AppSec, Cloud Security, SOC, IR, TI, etc.) with experience in building cloud-native security operations programs in medium-large companies.
You will assist in building and managing the cloud-native security operations (SecOps) program for Noon Group while implementing advanced detection mechanisms based on known/emerging attacks, TTPs and IOCs. You will be the focal point for the planning and execution of security monitoring, investigation, response, and coordination of relevant parties when an information security incident occurs.
- Manage the Security Operations & Threat Intel Program at Noon
- Build a centralized SOC for Web and Cloud services for Noon Group.
- Work continuously with the security team to advance the Security Detection & Prevention Program, and take initiatives with proactive approaches to strengthen our security monitoring and detection capabilities for our web apps and cloud services.
- Create and enhance SOC/TI, incident handling and response policies, processes and procedures.
- Drive improvements in detection, response capabilities, and operations for the SOC/TI
- Act as the focal point for security operations, incident detection and response, threat intel, and contribute to security detection programs
- Exhibit knowledge of the attacker lifecycle, TTPs, and indicators of compromise (IOCs), and proactively implement countermeasures to neutralize the threats.
- Identify opportunities to enhance the development and implementation of new methods for detecting attacks and malicious activities.
- Participate as a member of the CSIRT during major incidents and contribute to post-incident review and continuous improvement.
- Proactively hunt for anomalies to identify IOCs and derive custom detection alerts for the IOCs.
- Identify and manage a wide range of intelligence sources to provide a holistic view of the threat landscape (OSINT aggregation).
- Write detection signatures, tune security monitoring systems/tools, develop automation scripts and correlation rules.
- Provide cyber risk and threat identification by proactively and continuously monitoring the internal/external landscape for relevant events, risks and threats related to malicious code, vulnerabilities and attacks.
Who we need?
- Required: Senior level experience in a SOC, threat intel, security detection, or similar cybersecurity roles for medium to large organizations.
- Technical professional security certifications in one of the following: Incident Response & Investigations, Offensive Security, or Threat Intel such as GCIH, GCFA, GCTI, OSCP or similar
- Hands-on experience in advanced SOC and cyber threat intelligence activities, intrusion detection, incident response, and security content development (e.g., signatures, rules, etc.)
- Knowledge of at least one common scripting language (Python, Ruby, Go).
- Understanding of log collection and aggregation techniques: Elasticsearch, Logstash, Kibana (ELK), Syslog-NG, etc.
- You have 5-8 years of experience working in SOC/TI, mainly involving cloud services (GCP/AWS) and web applications (Preferable)
- Able and comfortable wearing multiple hats (Preferable)
- Hands-on experience in offensive/defensive web applications security is a big plus for this role (Preferable)
- Expertise in threat hunting in one or more public cloud solutions such as AWS and GCP (Preferable)
- Establishes industry expertise through writing, speaking or online presence (Preferable)
Who will excel?
The ideal candidate will be comfortable in a fast-paced, multi-tasked, high-energy environment. They will be a creative and analytical problem solver with a passion for delivering results.
At noon we have the courage to pursue what seems impossible, we work hard to get things done, and we go to great lengths to ensure that the experience of everyone, from our customers to our sellers or noon Bandidos, is stellar. Above all, we are grateful for the opportunities we have.
If you feel the above values resonate with you – you will enjoy this incredible journey with us!