At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Our Cyber Defence Operations team is looking to urgently hire Operational Engineer Level 2 – Platform and Endpoint Security to protect our digital airspace by managing and enhancing network security measures.
Your role is to lead and oversee Cybersecurity analysis, activities monitoring and investigations within a shift. You will handle advanced incidents and service requests and guide Level 1 engineers to provide expertise in complex troubleshooting scenarios. Additionally you will coordinate with escalation engineers on the investigation and resolution of critical cybersecurity incidents as well as ensure accurate triage, timely escalation and resolution within SLAs. This role is on-site and based on shift rotation within a 24x7 Operation.
- Address escalated incidents and service requests.
- Guide Level 1 engineers in troubleshooting.
- Ensure timely resolution and fulfilment of escalated issues.
- Maintain clear documentation of complex incidents.
- Monitor external threat data sources to maintain the cyber network defence threat conditions and determine which security issues may have an impact on the enterprise.
- Perform a detailed analysis of cyber threat adversaries and recommend preventative countermeasures.
- Assess and identify Advance Persistent Threat (APT) activities.
- Maintain and support the shift log for effective shift handover.
- Monitor and review triage activities performed by the L1 analysts and ensure accurate closure.
- Assist in creating playbooks and updating the knowledge base repository.
Specific knowledge and skills for the role of Operational Engineers Level 2 - Platform and Endpoint Security.
The following are critical skills required to be successful in this role:
- Configuration and Deployment: Proficiency in setting up and deploying endpoint firewalls, CASB solutions, and mail filtering systems across the organization network infrastructure, ensuring comprehensive coverage and protection.
-Policy Implementation and Management: Creating and managing security policies for endpoint firewalls, CASB, and mail filtering solutions, defining rules to control traffic, access, and data protection for endpoints and cloud applications.
-Monitoring and Basic Analysis: Monitoring logs and traffic generated by endpoint firewalls, CASB, and mail filtering systems to detect potential security threats, conducting basic analysis to identify anomalies or policy violations.
-Incident Response and Collaboration: Understanding incident response procedures related to these platforms, including initial response to alerts, event identification, collaboration with teams, and documentation of incident responses.
-Compliance and Reporting: Ensuring configurations and policies across these platforms align with industry standards, regulations, and organizational security requirements, and generating basic reports on security events, compliance status, and platform activities.