Cyber Force Career Details

Job Code: [TI23-003]
Location: HQ, Cairo, Egypt

Job Description:

Cyber Force seeks an experienced Elastic Security/SIEM Engineer to join our team. As an MSSP and SOCaaS provider, we need an individual who can design and implement Elastic solutions, create and manage Elasticsearch clusters, and develop and maintain APIs clients to extract data from SaaS services.

Responsibilities:

• Configure, maintain and troubleshoot Elastic environments on cloud and on-premise instances and facilitate integration with security data sources and applications.
• Manage, implement, and maintain data ingestion pipelines and provide Elastic index management (e.g., data modeling, index lifecycle management).
• Provide SIEM tuning/optimizing based on data volume and query requirements and create dashboards on KPIs.
• Act as a subject matter expert on Elastic solutions and provide engineering support for Elastic deployments at the systems or software level.
• Stay current with new and upcoming technologies and suggest improvements to existing implementations.
• Work with a team in complex, big data platforms and provide experienced insight into Elastic Stack cluster architecture, design, and deployment.

Qualifications:

• Bachelor’s degree in Computer Science or a related field or equivalent experience.
• At least 3 years of systems engineering/administration experience with Elastic Stack clusters in elastic scaling cloud environments or on-premise implementations.
• Experience with core Elastic data indexing concepts (shard management, map-reduce, etc.) and pulling data from Web Application APIs.
• Proficient with scripting (i.e., Python, JavaScript, Bash, etc.) and working from the command line in a Linux environment.
• Experience with using automation/orchestration solutions such as Ansible, Chef, Puppet, Salt, etc.
• Experience with data movement, ETL technologies, and data parsing of structured and unstructured data sources.
• Experience in the domain of Security and with certificate management, identity and access management integration, and secrets management.
• Experience with AWS, Azure, and GCP logging and data collection.

Job Code: [T23-001]
Location: HQ, Cairo, Egypt

Job Description:

Cyber Force is a Managed Security Service Provider and Managed Detection and Response provider; seeking a highly motivated engineer with an analytical mind and a deep understanding of cybersecurity methodologies to join our team. In this role, you will have the opportunity to work on both Defensive and Offensive Cybersecurity activities, enabling you to advance your career path.

Responsibilities:

• Perform continuous monitoring of customer’s environments, review security events and alerts, analyze logs for anomalies, perform in-depth investigations on suspected incidents in the environment, and advise on containment and eradication response actions.
• Participate in Penetration Testing Assessments (e.g., Network and Application Penetration Tests).
• Participate in Vulnerability Assessments to identify network and system vulnerabilities while providing remediation activities.
• Participate in other Security Consultation Services such as Risk Assessment, Policies, and Procedure Review, Infrastructure Assessment, Information
• Security Governance, Compliance PCI-DSS, ISO27001, and GDPR.
• Evaluate each customer’s security needs and recommend best practices and standards accordingly.
• Participate in the creation and delivery of cybersecurity awareness content for respective customers.
• Ensure compliance with relevant regulatory requirements such as PCI-DSS, ISO27001, and GDPR.

Qualifications:

• Problem-solving skills.
• Excellent English Language Skills.
• Excellent Presentation Skills.
• Bachelor’s degree in Computer Science, Computer Engineering, Information Technology, or equivalent experience.
• 2-3 years of relevant work experience.
• Previous hands-on experience using SIEM or XDR solutions.
• Excellent awareness of cybersecurity trends and hacking techniques.
• Solid understanding of attacker tactics, techniques, and procedures.
• Solid networking, systems, and cybersecurity background.
• Solid understanding of OSI or TCP/IP model and protocols.
• Solid Knowledge of techniques for analyzing TCP/IP network traffic and event logs.
• Good Understanding of Security Incident Handling and Computer forensics.
• Good understanding of network troubleshooting.
• Good understanding of Microsoft Office products, Windows and UNIX operating systems, and Cisco and/or Juniper networking equipment.
• Good understanding of technology infrastructures concepts such as Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits.
• Good Knowledge of cyber threat exploitation patterns, from discovery to establishing a persistent presence using Manual and Automated techniques.
• Previous experience in providing cybersecurity training is preferred.
• Knowledge of principles and frameworks of GRC (Governance, Risk, and Compliance). Relevant certifications such as CISA, CISSP, or CRISC are a plus.
• Knowledge in one or more of the following certificates: Security+, GSEC, GSOC, GCIA, CEH, CSA, relevant certifications, or courses.