Lead Operational Engineer L3 Emirates Airlines

Emirates Airlines is presently hiring candidate for job role of Lead Operational Engineer L3 Platform and Endpoint Security in Dubai. The role holder will be responsible to lead, investigate and manage complex cybersecurity incidents as well as manage escalations from security operations and investigate intrusions of all anomalous and misuse activities on hosts and networks. Additionally they manage the critical incidents and provide deep expertise to guide engineers and ensure a robust security posture to protect the organization. Role holder also be accountable for threat detection, identification, prevention, and reporting of cyber-attacks.

Duties of Lead Operational Engineer L3

• Manage critical incidents and challenges as the focal point of contact for major incidents. Coordinate with other departments during critical incidents and drive post-incident reviews and formulate preventive strategies.
• Detect, identify, and respond to possible cyber-attacks, intrusions, anomalous and misuse activities as well as evaluate incident triage activities to ensure optimum incident resolution including the ownership of escalated incidents.
• Analyse network traffic and system data to detect potential threats to resources and provide recommendations for remediation. Conduct analysis that encompasses defining the scope, urgency, and potential impact.
• Perform correlation of security incidents and events to build threat detection and prevention capabilities, baselining network traffic and host activity across the enterprise.
• Manage and document the incident throughout its cycle, including tracking and documenting incidents from initial detection through final resolution and the update the knowledge bases, preventative controls, and standards operating procedures.
• Executing incident trend analysis, reporting and assessing the impact on data and infrastructure as a result of cyber incidents as well as leading security operations, responding to feedback from internal IT departments, business and audit operational performance against the defined metrics and goals.
• Collaborate with intelligence analysts to correlate threat assessment data and recommend methods to enhance defence capabilities as well as liaising with the content Engineering Team to identify. Implement automation and service improvement programs to manage security operations efficiently. 

What You Will Do More

• Designing and architecting robust security infrastructure that integrates endpoint firewalls, CASB, and mail filtering solutions seamlessly across the organization’s network. 
• Creating advanced and granular security policies for endpoint firewalls, CASB, and mail filtering systems. Customizing rules to protect against evolving threats and compliance requirements. 
• Employing advanced monitoring tools and techniques to analyse traffic, logs, and events generated by endpoint firewalls, CASB, and mail filtering systems, conducting sophisticated analysis for threat detection.
• Leading incident response efforts related to these security platforms, conducting in-depth forensic analysis, understanding attack vectors, and formulating strategies to prevent future occurrences.
• Ensuring seamless integration and compatibility between endpoint firewalls, CASB, and mail filtering solutions within the broader security ecosystem, including SIEM and other security tools.
• Ensuring configurations, policies, and activities across these platforms align with industry standards, regulatory compliance (such as GDPR, HIPAA), and organizational security requirements. 

Requirements of Lead Operational Engineer L3

The requirements for job role of Lead Operational Engineer L3 are as under:

• Degree or Honours (12+3 or equivalent) Computer science, Information Systems, Engineering, Telecommunications, or other related scientific or technical disciplines. 
• Minimum 5 years in Information Technology and CyberSecurity.
• Experience working in cross-functional and interdisciplinary teams to solve complex problems.
• Experience in operating systems, networks, databases, and web application security with a focus on advanced preventative capabilities. Hands-on experience in technical analysis with a focus on cyber
• Experience analysing network traffic and host activities for potential attack vectors and developing mitigation strategies.
• Experience in advanced technical analysis.
• Experience in gathering a predictive understanding of adversarial strategies, priorities, and overlapping interests.
• Experience in technical writing such as event bulletins, cyber digests, and quarterly summary reports.

Knowledge & Skills Desired

•  Threat Detection and Response (CSOC): Expertise in threat intelligence and advanced threat detection.
• Infrastructure Protection: Mastery over network security architecture and advanced intrusion prevention systems.
• Identity: Deep understanding of identity governance and sophisticated IAM solutions.
• In-depth knowledge of cyber threats and understanding of enterprise IT and Cybersecurity operational environments.
• Ability to evaluate threat actors based on motivation and common TTPs.

Partnership Accounts Manager Emirates Airlines