About the Job
As a Security Operations Analyst, you will play a crucial role in safeguarding Lean’s organization's digital assets by overseeing and enhancing our Security Operations Center (SOC) infrastructure, DLP issues, and vulnerability management.
Your primary responsibilities include event collection, log management, incident investigation, proactive threat hunting using SIEM technologies, and DLP alert management. Additionally, you will collaborate with diverse teams to strengthen our security posture, ensuring all incidents are handled promptly and within established SLAs.
Who are we
Lean enables companies to seamlessly connect to their users’ bank accounts to initiate real-time payments and retrieve their account information. Our products have garnered the trust of leading companies and enabled them to deliver powerful experiences when connected with a user’s bank account, allowing users to perform prudent financial planning, get better rates on loans, transfer money to friends, and more, without compromising on privacy or security.
Some of Lean’s clients include the likes of Binance, Etisalat Group, Careem, Sarwa, and many more, making it the region’s most valuable Open Banking platform. The company has now processed hundreds of millions of dollars, and its products are also connected with hundreds of thousands of accounts. Lean envisions a fully inclusive financial ecosystem that serves everyone, no matter where they bank or live in the MENAP region.
Responsibilities
Coordinate and conduct event collection, log management, compliance automation, and identity monitoring activities using SIEM technologies.
Investigate and perform analysis over DLP cases
Perform Vulnerability management using Tenable Nessus
Create SOC infra from scratch if required
Investigate incidents using SIEM, packet captures, reports, data visualization, and pattern analysis.
Ensure all incidents are handled within SLA and closed, maintaining a high standard of incident response.
Proactively engage in threat hunting, incident handling, and distinguishing malicious activities from non-malicious ones.
Define and update Standard Operating Procedures (SOPs) to ensure efficient security operations.
Monitor SIEM and SOC tools for potential performance issues, data loss, and misconfigurations in both SOC infrastructure and cloud environments.
Review and improve detection controls, enhancing security operations visibility and defensive security tools.
-
Perform fine-tuning on the SIEM platform as needed and collaborate with the engineering team to identify new detections.
Minimum Qualifications
Experience in building SOC infrastructure from scratch.
Experience with DLP tools.
Proficient in networking concepts such as OSI/TCP IP.
Expertise in TCP/IP network traffic and event log analysis.
Familiarity with EDRs, DLP, and AVs.
Competency in preparing event and incident documentation.
Strong User Behavior Analysis skills, recognizing patterns of malicious behaviors.
Proficiency in Log Analysis and Correlation.
Knowledge of Enterprise Endpoint Security and Email Security.
Experience in Network Security (IPS/IDS), Security protocols, and Operating Systems (macOS, Linux)
Ability to collaborate with diverse teams, including the Cyber Incident Response (CIRT) and Penetration Testing teams, to mitigate security threats.
Excellent communication and collaboration skills.
Mandatory knowledge about OWASP top 10 and vulnerability exploitation methods for triaging SOC cases.
-
Vulnerability Management experience using tools like Nessus.
Desired Qualifications
Familiarity with Cloud Security (OCI, GCP and AWS).
Expertise in Threat Hunting and understanding of Rest API security workings.
Familiarity with Jira, Jenkins, Github, and Gsuite tools.
Good to have experience working with other security tools such as Sny or Burp suite.
NB. While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply!!
Why Join us?
Our products have received resoundingly positive feedback from developers and customers alike, with Sequoia leading its $33 million Series A round, marking its first in the GCC. Yet, this is just the beginning. We're working tirelessly to expand our coverage across the region while further deepening the value we provide to our stakeholders. To that end, we're always on the lookout for talented, driven, and entrepreneurial candidates to join us in our mission of enabling the next generation of financial innovation. If you're motivated by solving hard problems and leaving a lasting legacy while you're at it, Lean's where you need to be.
Not only do we offer competitive salaries, private healthcare, and flexible office hours, but we also insist that every member of the team hold a meaningful equity stake in the business to ensure long-term alignment. We'd love you to join us for this journey!
Lean is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
When applying for a job at Lean Technologies, we will need to collect, use and share Personal Data about you with different members of our team during the application process. This may mean transferring your data to members of the team in one of our office locations worldwide outside of the country you are in. Please refer to our Privacy Notice on our website for more information about how we may use and store your Personal Data