At Careem we are led by a powerful purpose to simplify and improve lives in the Middle East, North Africa and Pakistan. We're pioneering the development of innovative services to aid the mobility of people, the mobility of things and the mobility of money.
We're in the driving seat as we help to define how technology will shape progress in some of the fastest-growing countries in the world. Our teams are building tech to meet the needs of the future in areas including data and AI, e-commerce, technology-enabled logistics, maps, identity, and fintech.
We’re well placed to solve complex and meaningful challenges at scale, with deep tech expertise, strong regulatory relationships, a local presence, and increasingly specialised global teams which are structured to operate as autonomous start-ups. Our team of over 400 engineers and developers are empowered to develop cutting-edge technology every day.
Careem was established in July 2012, became a wholly-owned subsidiary of Uber Technologies, Inc. in January 2020, and today operates in over 100 cities across 12 countries.
Job Purpose
Careem is looking for an experienced SOC L1 analyst as we are ramping up the Security Operations Center and has a need to extend the L1 incident response team. The person working in the L1 SOC team operates the security monitoring solutions, reacting timely to security events as identified. The role requires working in a shift schedule (to cover 24/7) after the initial ramp up period.
SOC analysts will be responsible for monitoring computer security events according to documented procedures and industry best practices. First line of defense in protecting's information systems from internal and external threats.
Key Responsibilities
- Responsible for the validation and analysis of investigations within Security Operations Center (SOC) Analyst
- Responsible for the monitoring, validation and analysis of investigations of events and alerts on AWS Cloud Infrastructure, SaaS applications and onprem infrastructure
- Provide expert analysis of Cloudtrail, CloudWatch, VPC Flow logs for event/incident analysis
- Guide and support automate security alerts and use cases in AWS cloud
- Carry out triage of incoming issues (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security or privacy data request)
- Proactively identify vulnerabilities across the entire infrastructure environments and suggest updating of SIEM use cases to generate alerts
- ‘On Call’ availability for rare ‘fire drill’ scenarios, for example on high-critical incident response scenarios, or emergent imminent widespread threats requiring urgent action
- Provide communication and escalation throughout the incident per the SOC guidelines.
- Identify and manage a wide range of intelligence sources to provide a holistic view of the threat landscape and filter out noise in order to focus and execute upon actionable intelligence
- Ensure that all security events and incidents (internal / external) are logged into Jira and regularly updated and closed within the set SLA’s
Qualifications
- Minimum 2 years of operational experience preferred in security operations center, threat intelligence, insider threat operations, threat management, cyber security, information security or related functions
- Bachelor's degree in Computer Science, Management Information Systems, Information Systems, or a related field/experience is required.
Experience
Must have experience:
- Experience in Highly available 24x7 Enterprise Operational Environment
- Familiarity with cloud architecture/infrastructure and general networking principles.
- Experience with virtualization technologies, especially with AWS services.
- Strong demonstrated knowledge of web protocols, common attacks, and an in-depth knowledge of Linux/Unix tools and architecture.
- System administration, configuration and patch management, zone security, firewall and IAM
Proven success working in SOC function/team, including (but not limited to):
- Experience maintaining metrics, reporting and SLAs
- Security operations experience with operating systems, AWS cloud infrastructures
- Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
- Strong analytical skills and attention to detail
- Experience around security processes and technologies
- Ability to research, analyze, and resolve complex problems with minimal supervision and escalate issues as appropriate
- Thorough documentation skills
- Outstanding written and verbal communication skills
- Must be a highly motivated individual with the ability to self-start, prioritize, and multi-task
What we'll provide you
In addition to a competitive long-term total compensation with salary and equity, we have a reward philosophy that expands beyond this. As a Careem colleague you will be able to:
- Be part of a hybrid working environment
- Work from any country in the world for 30 days a year
- Use Unlimited Vacation days throughout the year
- Access fitness reimbursements for health activities including: gym, health club and training classes.
- Work and learn from great minds
- Create impact in a region with untapped potential
- Explore new opportunities to learn and grow every day