10 Endpoint Security jobs in Egypt

Overview

We are seeking an experienced Endpoint & Device Security Lead to secure, manage, and optimize our endpoint and mobile device infrastructure. The ideal candidate will take ownership of Endpoint Central (ManageEngine), SentinelOne, Trend Micro, XDR platforms, and Mobile Device Management (MDM), ensuring that all endpoints and devices are patched, monitored, and protected against evolving threats. This role also includes remote agent deployment via our Azure tenant and full IT asset lifecycle management, making it central to our cybersecurity and compliance posture.

Key Responsibilities

Endpoint & Mobile Security

• Lead administration of Endpoint Central (ManageEngine) for endpoint deployment, patching, compliance, and asset inventory.

• Manage and optimize SentinelOne, Trend Micro, and XDR platforms to provide real-time protection, advanced detection, and response.

• Implement and oversee MDM solutions (Intune or Endpoint Central MDM) to secure and manage mobile devices (iOS, Android).

• Deploy and manage agents remotely using Azure tenant integration for both on-premises and remote devices.

• Define and enforce endpoint and mobile security policies to defend against malware, ransomware, phishing, and advanced persistent threats.

Patch & Threat Management

• Design and implement patch management strategies across operating systems and applications.

• Continuously monitor for endpoint and mobile vulnerabilities, security incidents, and anomalies.

• Use XDR platforms for advanced detection, correlation, and response to endpoint threats.

• Generate executive and technical reports on patch compliance, endpoint health, and threat response.

Asset Management

• Maintain a complete, accurate IT asset inventory (hardware, software, licenses, and mobile devices).

• Track and manage the full asset lifecycle (procurement, deployment, support, retirement).

• Ensure compliance with licensing, governance, and audit requirements.

Leadership & Operations

• Provide 2nd/3rd level support for endpoint, MDM, and security escalations.

• Lead endpoint security initiatives in collaboration with IT and InfoSec teams.

• Play an active role in incident response, threat containment, and remediation.

• Continuously improve endpoint & device security through automation, process optimization, and best practices.

Required Skills & Qualifications

• Strong hands-on experience with Endpoint Central (ManageEngine).

• Proven expertise in SentinelOne, Trend Micro, and XDR platforms.

• Experience with Mobile Device Management (MDM) (Microsoft Intune, Endpoint Central MDM, or equivalent).

• Skilled in remote agent deployment and management via Azure tenant.

• In-depth knowledge of endpoint and mobile security, patching, and compliance frameworks.

• Experience across Windows, macOS, Linux, Android, and iOS environments.

• Excellent troubleshooting, communication, documentation, and reporting skills.

Preferred

• Security certifications such as CompTIA Security+, Microsoft Security Operations Analyst, SentinelOne Certified Specialist, Trend Micro Certified Professional, MDM certifications.

• Experience integrating endpoint and XDR solutions with SIEM platforms.

• Knowledge of Zero Trust frameworks and endpoint hardening best practices.

Job Responsibilities:

• Builds a strategic and comprehensive privacy program that defines, develops, maintains and implements policies and processes that enable consistent, effective privacy practices which minimize risk and ensure the confidentiality of information, paper and/or electronic, across all media types. Ensures privacy forms, policies, standards, and procedures are up-to-date.
• Advising the bank on its data protection obligations and monitoring compliance.
• Raising awareness, arranging staff training and promoting best privacy practices.
• Briefing staff on the procedures they must follow in the event of breaches, complaints and data access requests from the public.
• Managing data protection undertakings, assigning responsibilities and prioritizing activity based on risk or potential impact.
• Maintaining records of risk assessments and compliance audits.
• Managing, monitoring, and continually improving data protection measures.
• Works with bank senior management, security, and compliance officer to establish governance for the privacy program.
• Collaborate with Cyber Security Head and CISO to ensure alignment between security and privacy compliance programs including policies, practices, investigations, and acts as a liaison to the information systems department.
• Oversees, develops and delivers initial and ongoing privacy training to the workforce.
• Initiates, facilitates and promotes activities to foster information privacy awareness within the bank.

Job Qualifications:

• Bachelor degree of Engineering or Computer Science
• 13+years of relevant professional work experience
• Knowledge of international standards and frameworks (ISO27001/27002, NIST, PCI-DSS, CIS, etc.)
• Knowledge of Security technology capabilities and functions
• Have relevant industry certifications included but are not limited to the following or their equivalents:
• ISACA Certified Information Security Manager (CISM)
• ISC2 Certified Information Systems Security Professional (CISSP)
• ISO 27001 LA
• ISACA Certified Data Privacy Solutions Engineer (CDPSE)

Data Protection Engineer:

key Responsibilities

• Monitor and support data protection and backup operations on a daily basis.

• Troubleshoot and resolve backup failures/issues in a timely manner.

• Perform first-level analysis of logs, alerts, and incidents.

• Escalate complex issues to senior engineers or vendor support when required.

• Assist in preparing reports on backup success/failure rates and performance metrics.

• Collaborate with customers and internal teams to provide clear, professional communication on issues and resolutions.

• Support ongoing knowledge documentation and process improvements.

Required Skills & Knowledge:

• Operating Systems (OS) basics (Windows & Linux).

• Networking fundamentals (TCP/IP, DNS, Firewalls basics).

• Understanding of storage and backup concepts is a plus (full/incremental backups, restore processes, RPO/RTO).

• Strong problem-solving and troubleshooting skills.

• Good communication skills (English & Arabic).

• Ability to work in a 24/7 managed services environment (shift-based if required).

: Education & Experience

• Bachelor's degree in Computer Science, Information Technology, Engineering, or related field.

• Fresh graduates or candidates with up to 2 years of experience in IT support, infrastructure, or managed services.

• Any internship, training, or certification in data protection/backup (e.g., Veritas, Veeam, Commvault, etc.) is a strong plus.

We are looking for a motivated and detail-oriented Junior Data Protection System Engineer to join our Managed Services team. This role is ideal for a fresh graduate or an early career professional who is eager to develop technical and troubleshooting skills in backup and data protection systems.

You will play a key role in monitoring, troubleshooting, and resolving backup failures, while also collaborating with customers and internal teams to ensure business continuity and service excellence.

Key Responsibilities

• Monitor and support data protection and backup operations on a daily basis.

• Troubleshoot and resolve backup failures/issues in a timely manner.

• Perform first-level analysis of logs, alerts, and incidents.

• Escalate complex issues to senior engineers or vendor support when required.

• Assist in preparing reports on backup success/failure rates and performance metrics.

• Collaborate with customers and internal teams to provide clear, professional communication on issues and resolutions.

• Support ongoing knowledge documentation and process improvements.

Required Skills & Knowledge:

• Operating Systems (OS) basics (Windows & Linux).

• Networking fundamentals (TCP/IP, DNS, Firewalls basics).

• Understanding of storage and backup concepts is a plus (full/incremental backups, restore processes, RPO/RTO).

• Strong problem-solving and troubleshooting skills.

• Good communication skills (English & Arabic).

• Ability to work in a 24/7 managed services environment (shift-based if required).

Education & Experience

• Bachelor's degree in Computer Science, Information Technology, Engineering, or related field.

• Fresh graduates or candidates with up to 2 years of experience in IT support, infrastructure, or managed services.

• Any internship, training, or certification in data protection/backup (e.g., Veritas, Veeam, Commvault, etc.) is a strong plus.

IF you are interested apply through LinkedIn or

Key Responsibilities:

• Supervise all infrastructure storage-related configuration activities: zoning, provisioning, masking, replication, and disaster recovery setup across SAN/NAS platforms.
• Ensure optimal performance and availability of storage systems supporting business-critical banking applications.
• Lead reviews of storage platforms, SAN switch software/firmware lifecycles, and coordinate with vendors for upgrades, patches, and fixes.
• Plan and execute large-scale migrations, technology refreshes, and capacity expansions.
• Engage in storage solution design, capacity planning, and performance trend analysis.
• Oversee backup management, including job monitoring, restores, troubleshooting, and health checks.
• Perform ongoing tuning, resource reclamation, and optimization of storage infrastructure.
• Ensure disaster recovery readiness with regular testing and replication validation.
• Implement and maintain security compliance (PCI, ISO) and support remediation of vulnerabilities.
• Collaborate with application, network, and security teams for integrated infrastructure support.
• Maintain technical documentation, runbooks, and standard operating procedures.
• Provide regular performance, capacity, and incident reports to senior management.

Job Requirements:

• Bachelor's degree
  in Computer Science, Information Systems, or a related field.
• 5+ years of hands-on experience
  in enterprise storage, SAN infrastructure, and data protection environments.
• Advanced knowledge and practical experience with:
• Brocade SAN
  and
  IBM Storage (SVC)
• Backup, Data Protection & Cyber Recovery solutions
  (e.g., Veritas, PowerProtect Data Manager (PPDM), RP4VM, Dell CRS)
• Storage Area Networking (
  SAN
  ) and Network Attached Storage (
  NAS
  ) concepts
• Operating Systems:
  UNIX, MS Windows, Solaris, Linux

Connect to your career at Deloitte
Deloitte
, established globally in 1845, is the world's largest and leading professional services firm, providing Audit & Assurance, Tax & Legal and Consulting and related services to public and private clients spanning multiple industries. Present in more than 150 countries, Deloitte is distinct in its ability to help clients solve their most complex problems, from strategy to implementation.

Deloitte innovation hub (DIH) is a strategic initiative established by Deloitte North & South Europe (NSE) to support our ambition to become the leading business transformation partner of choice for our clients and to expand and scale our delivery footprint across EMEA. With access to a scaled, diverse, highly skilled, motivated, and engaged workforce, DIH is delivering complex technical solutions for clients' most complex business problems, across portfolios that include 'Strategy & Transactions', 'Customer', 'Engineering, AI & Data, 'Enterprise, Technology & Performance' and 'Cyber'. DIH is aiming to become the destination for top talents in Egypt for a long, exciting career.

We invest in outstanding people of diverse talents and backgrounds and empower them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. Our organization has grown in scale and diversity, providing services across the region, with our shared culture remaining the same. We aim to help clients realize their ambitions, make a positive difference in society, and maximize the success of our people. This drive fuels the commitment and humanity that run deep through our every action.

Connect to your career at Deloitte.
Role
We are seeking skilled data protection architects and engineers with expertise in Data Loss Prevention (DLP), data discovery, access governance, database monitoring, Cloud Access Security Broker (CASB), data classification, and rights management. The ideal candidate will have a background in designing, implementing, integrating, and operating data protection solutions to mitigate the risk of sensitive data loss for our clients. As part of this role, you will be expected to:

• Define data protection use cases and technical specifications to safeguard data across its lifecycle, from creation to deletion, in both on-premises and cloud environments, using solutions such as DLP and CASB.
• Design and architect Data Protection solutions that align with business objectives and comply with industry cybersecurity standards (e.g., NIST).
• Create system architecture and data flow diagrams with technical descriptions of each component.
• Define the dependencies to implement the solution, such as network rules and server infrastructure.
• Integrate workflows with third-party systems and security tools, such as Security Information and Event Management (SIEM) solutions and cloud platforms like AWS and Azure.
• Configure and implement data discovery servers.
• Configure and implement security rules (e.g., DLP policies) to protect sensitive data.
• Work with IT infrastructure teams to ensure pre-requisites have been met.
• Configure and implement agents for database monitoring and DLP monitoring.
• Integrate Data Protection solutions with existing enterprise applications/systems using API connections.
• Configure custom reporting dashboards using tools such as PowerBI.
• Develop technical documentation for Data Protection implementations.
• Execute testing for Data Protection solutions and troubleshoot issues.

Connect to your opportunity.
To succeed in this role, you will need the following skills:

• 1-3 years of hands-on experience in Cybersecurity with exposure on the Data Protection domain.
• Bachelor's or master's degree in information technology, Cybersecurity, computer science, or a related field.

Domain expertise in
two
to
four
of the following areas:

• Data discovery, inventory, and classification solutions (e.g., Microsoft, BigID, Cyera).
• Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) (e.g., Microsoft, Netskope, Proofpoint, ZScaler).
• Database Activity Monitoring (DAM) (e.g., Imperva, IBM Guardium).
• Data Access Governance (e.g., Varonis).
• Information Rights Management (e.g., Microsoft, Seclore, Vera).
• Data Security Posture Management (DSPM) tools (e.g., Symmetry, Flow, Polar, Laminar).
• Systems administration experience with various operating systems (e.g., Windows Server, Unix, Linux).
• Database administrator (DBA) experience with database technologies (e.g., Oracle, Microsoft SQL).
• Ability to optimize data security operations including ruleset tuning, triaging, and reporting.

The Following Skills Are Also Preferred

• Experience in secure configuration of container-based architectures (e.g., Kubernetes, Docker).
• Technical skills including scripting (Python/PowerShell) and coding frameworks.
• Security certifications and exposure to other security domains (e.g., Cloud).

Connect to your business – Technology & Transformation
Distinctive thinking, deep expertise, and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest challenges around, join us. Together, we'll make an impact that matters.

Personal Independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to several audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.

Connect with your colleagues.
Location: Cairo, Egypt

"What attracted me to Deloitte were the endless opportunities and the collective experience of other like-minded individuals. Deloitte's clients include many of the world's largest organizations; I wanted to be part of a team that made a difference that I could be proud of." - Dan, Technology & Transformation

"Everyone always says, "it's the people," and that's true. Working for a brand you feel proud of feels pretty good too. And you don't have any stress about fitting into a particular stereotype, because there are so many different types of people in Deloitte Digital." – Gillian, Technology & Transformation

Our commitment to you
Making an impact is more than just what we do: it's why we're here. So, we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before.

We want you. The true you. Your own strengths, perspective, and personality. So, we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too. Because it's only when you're comfortable and at your best that you can make the kind of impact you, and we, live for.

Your expertise is our capability, so we'll make sure it never stops growing. Whether it's from the complex work you do, or the people you collaborate with, you'll learn every day. Through world-class development, you'll gain invaluable technical and personal skills. Whatever your level, you'll learn how to lead.

Connect to your next step
A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you'll experience a purpose you can believe in and an impact you can see. You'll be free to bring your true self to work every day. And you'll never stop growing, whatever your level.

Deloitte Innovation Hub I
Cyber Security I
Data Protection Senior Engineer, Cairo, Egypt
Connect to your career at Deloitte
Deloitte, established globally in 1845, is the world's largest and leading professional services firm, providing Audit & Assurance, Tax & Legal and Consulting and related service to public and private clients spanning multiple industries. Present in more than 150 countries, Deloitte is distinct in its ability to help clients solve their most complex problems, from strategy to implementation.

Deloitte innovation hub (DIH) is a strategic initiative/priority established by Deloitte North & South Europe (NSE) to support our ambition to become the leading business transformation partner of choice for our clients and to expand and scale our delivery footprint across EMEA. With access to a scaled, diverse, highly skilled, motivated, and engaged workforce, DIH is delivering complex technical solutions for clients' most complex business problems, across Portfolios that include 'Strategy & Transactions', 'Customer', 'Engineering, AI & Data, 'Enterprise, Technology & Performance' and 'Cyber'. DIH is aiming to become the destination for top talents in Egypt for a long, exciting career.

We invest in outstanding people of diverse talents and backgrounds and empower them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. Our organization has grown in scale and diversity, providing services across the region, with our shared culture remaining the same. We aim to help clients realize their ambitions, make a positive difference in society, and maximize the success of our people. This drive fuels the commitment and humanity that run deep through our every action.

Connect to your opportunity.
Role
As a Data Protection Senior Engineer, you will leverage your experience in Data Loss Prevention (DLP), data discovery, access governance, database monitoring, Cloud Access Security Broker (CASB), Cata classification and rights management. The ideal candidate will have a background in designing, implementing, integrating, and operating data protection solutions to mitigate the risk of sensitive data loss for our clients. As part of this role, you will be expected to implement Data Protection solutions, including:

• Configuring and implementing data discovery servers.
• Configuring and implementing security rules (e.g., DLP policies or rules) on data protection solutions to protect sensitive data at rest and in transit. As part of this, fine-tune and configure the rules for accurate detection based on data points such as false positive rates.
• Work with IT infrastructure teams (e.g, Networks, Storage team, Messaging team) to ensure pre-requisites have been met and are in place.
• Configuring and implementing agents to perform database monitoring, DLP monitoring etc.
• Configuring and implementing DLP servers and/or endpoints to detect sensitive data across email, web, and endpoint egress channels.
• Integrating Data Protection solutions with existing enterprise applications/systems such as Office 365 applications, HR systems, endpoints using out of the box or custom API connections.
• Configuring custom reporting dashboards using 3rd party tools such as PowerBI.
• Develop technical documentation for Data Protection implementations including process documentation to enable operation of the solution e.g, defining processes which cover DLP incident management, DLP policy management, data discovery scanning, Shadow IT remediation etc.
• Execute unit, integration, functional and non-functional testing for Data Protection solutions. As part of this, troubleshoot and resolve issues (e.g, DLP alerts not generating, scan failures etc) by working with vendors.
• Deliver services post-implementation, from hyper-care support, resolving additional issues in production through advanced troubleshooting and debugging to ensure smooth operation.
• Conduct knowledge transfer to client Data Protection teams through technical training sessions on operating and maintaining the solution, empowering clients to effectively manage and support the Data Protection environment.

Connect To Your Skills And Professional Experience.
To succeed in this role, you will need the following skills:

• Experience — 3 to 6 years of hands-on experience in the data protection domain.
• Bachelor's or master's degree in information technology, Cybersecurity, computer science or a related field.
• Domain expertise, implementation and/or integration skills in two to four or more (depending on years of experience) of following areas:
• Data discovery, inventory, and classification solutions (e.g., Microsoft, BigID, Cyera).
• Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) (e.g., Microsoft, Netskope, Proofpoint, ZScaler).
• Database Activity Monitoring (DAM) (e.g., Imperva, IBM Guardium).
• Data Access Governance (e.g., Varonis).
• Information Rights Management (e.g., Microsoft, Seclore, Vera).
• Data Security Posture Management (DSPM) tools (e.g., Symmetry, Flow, Polar, Laminar).
• Systems administration experience with various operating systems (e.g., Windows Server, Unix, and Linux).
• Database administrator (DBA) experience with database technologies (e.g., Oracle and Microsoft SQL).
• Security of data lakes, and data warehouses leveraging unstructured databases and big data platforms.
• Ability to optimise data security operations including ruleset tuning, triaging, and reporting or solutions such as DLP and data discovery.

The Following Skills Are Also Preferred

• Experience in secure configuration of container-based architectures and implementations (e.g., Kubernetes, Docker, etc.).
• Technical skills including scripting - Python/JAVA/ASP/C#/PowerShell, Coding frameworks.
• We welcome candidates with various security certifications and exposure to other security domains (e.g., Cloud).

Connect to your service line – Technology and Transformation
Distinctive thinking, deep expertise, and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest challenges around, join us. Together, we'll make an impact that matters.

Personal independence
Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to several audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.

Connect to your Industry.
"What attracted me to Deloitte were the endless opportunities and the collective experience of other like-minded individuals. Deloitte's clients include many of the world's largest organizations; I wanted to be part of a team that made a difference that I could be proud of." Dan, Consulting

Connect with your colleagues
Location: Cairo. Egypt

Your Work, Your Way: We call our hybrid working vision Deloitte Works. And it does. We trust you to make the right choices around where, when, and how you work. You'll be able to make decisions about how you work best, to be collaborative, learn from colleagues, share your experiences, build the relationships that will fuel your career and prioritize your wellbeing. Having great conversations with your team and your leadership paves the way for great collaborative ways of working.

Our commitment to you.
Making an impact is more than just what we do: it's why we're here. So we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before.

We want you. The true you. Your own strengths, perspective, and personality. So, we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too. Because it's only when you're comfortable and at your best that you can make the kind of impact you, and we, live for.

Your expertise is our capability, so we'll make sure it never stops growing. Whether it's from the complex work you do, or the people you collaborate with, you'll learn every day. Through world-class development, you'll gain invaluable technical and personal skills. Whatever your level, you'll learn how to lead.

Connect to your next step.
A career at Deloitte is an opportunity to develop in any direction you choose. Join us and you'll experience a purpose you can believe in and an impact you can see. You'll be free to bring your true self to work every day. And you'll never stop growing, whatever your level.

Job Description:

The primary objectives of the Security Penetration Tester are to deliver and enhance various security services provided to both internal and external systems.

The services include security assessments of applications (API, Mobile, Web application, LLM) and infrastructure, Internal and external Penetration Testing, Segmentation Testing, security design reviews as well as risk assessments. This is a hands-on role, requiring technical skills from the hardware to the application layer.

Key Responsibilities:

• Perform application and infrastructure penetration tests,

• Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications)

• Participate in Security Assessments of networks, systems, and applications

• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets

Job Requirements:

• Bachelor's degree or higher, technical discipline preferred

• Minimum three years of working experience in Penetration Testing, Mobile application, API, Web Services and Application security

• Good Achievement in one or more of the following (Hack the Box, Hacker One, CVE, Bug Bounty, CTF, etc.)

• Working knowledge of Security principles, techniques, and technologies

• Good understanding of network protocols, design, and operations

• Strong analytical skills and efficient problem solving

• Willingness to learn

• Good English communication skills (written and oral)

Preferable skills
:

• Penetration Testing, Mobile Application and Web Application security Certificates such as OSCP, OSEP, OSWA, OSWE, eLearnSecurity certifications, etc.

• Secure Code review

• Application development background and security knowledge – example of languages includes JS, Type Script, Angler, Swift, C, C#, C++, Java

• Vulnerability Management experience

• Experience with various security tools and products (Burp Suite, Metaspolit, Kali Linux, Fortify, GitHub, Codeql, SonarQube etc.)

• Good understanding of the components of a secure DLC/SDLC

• Vulnerability analysis and application reversing skills

• Understanding of cryptography principles

About noon

noon, the region's leading consumer commerce platform. On December 12th, 2017, noon launched its consumer platform in Saudi Arabia and the UAE, expanding to Egypt in February 2019. The noon ecosystem of services now includes marketplaces for food delivery, quick-commerce, fintech, and fashion. noon is a work in progress; we're six years in, but only 5% done.

noon's mission: every door, everyday.

What we are looking for

Noon's Cybersecurity department, Security operations team is looking for a talented, experienced, and enthusiastic Senior Threat Detection Engineer to help build and scale the Detection & Threat Hunting program at Noon.

The ideal candidate will be someone who has diverse security skill-set (IR, TI, SOC.) and specialized in detecting engineering and threat hunting. The focus area for this role will be on designing and implementing advanced detection mechanisms based on known/emerging attacks and pivoting techniques.

The Sr. Threat Detection will be working on proactive approaches to advance steps ahead of attackers and help in building detection to identify advanced, current and emerging threats. He will be responsible for the design and implementation of security intelligence and detection capabilities across our applications and networks. This role will be assisting in building the strategy and the team for our Detection and Threat Hunting Program. He will be the focal point for the planning and execution of security investigation, response process and coordination of relevant parties when an information security incident occurs.

In addition, documentation, analytical and critical thinking skills, investigation and forensics, and the ability to identify needs and take the initiative are key requirements of this position.

About the role

• Help build and scale the Detection & Threat hunting Program at Noon
• Drive improvements in detection and response capabilities, and operations for the Internal SOC/TI
• Write detection signatures, tune security monitoring systems/ tools, develop automation scripts and correlation rules.
• Work closely with other Security Team members to strengthen our detection and defense mechanisms in regards to, Web applications, Cloud and Network.
• Exhibit knowledge of attacker lifecycle, TTPs, indicators of compromise (IOCs), and proactively implementing countermeasures to neutralize the threats.
• Identifies opportunities to enhance the development and implementation of new methods for detecting attacks and malicious activities.
• Participate as a member of the CSIRT during major incidents and lend contributions to post-Incident review and continuous improvement
• Proactive threat hunting of anomalies to identify IOCs and derive custom snort signatures for the IOCs
• Identifying and managing a wide range of intelligence sources to provide a holistic view of the threat landscape. (OSINT aggregation)
• Work closely with the Red Team and Blue Team to implement custom detection of new and emerging threats, and develop monitoring use cases.
• Coordinate in red teaming activities such as table-top and adversarial simulation exercises.
• Responsible for owning all confirmed incidents. This includes publishing Incident Report, documenting Lessons Learnt and updating Knowledge Base.

Required Expertise:

• Required: Senior level experience in a threat intel, detection, IR, or similar cybersecurity roles for medium to large organizations.
• Required: Technical professional security certifications in Incident Response, Digital Forensics, Offensive Security, or Malware Analysis, such as GCIH, GCFA, GNFA, GCTI, OSCP or similar
• Bachelor's degree in Computing, Information Technology, Engineering or a related field, with a strong security component.
• Hands-on experience in detection engineering, advanced cyber threat intelligence activities, intrusion detection, incident response, and security content development (e.g., signatures, rules, etc.)
• A broad and diverse security skill-set with an advanced understanding of modern network security technologies (e.g. Firewalls, Intrusion Detection/Prevention Systems, Access Control Lists, Network Segmentation, SIEMs, Auditing/Logging and Identity & Access Management solutions, DDoS protection etc.).
• Knowledge of at least one common scripting language (Python, Ruby, Go).
• Experience handling and building a SOAR such as Chronicle's SOAR, Demisto, Phantom or similar tools.
• Experience conducting and leading incident response investigations for organizations, investigating targeted threats such as the Advanced Persistent Threat, Insider Threats . etc.
• Understanding of log collection and aggregation techniques, Elastic Search, Logstash, Kibana (ELK), Syslog-NG, Windows Event Forwarding (WEF), etc.
• Experience with endpoint security agents (Carbon Black, Crowdstrike, etc.).

Preferred Qualifications:

• Hands on experience with Chronicle SIEM/SOAR and Google SecOps
• Expertise in threat hunting in one or more public cloud solutions such as AWS and GCP
• Ability to work with a team or independently with minimal direction/leadership
• Hands-on experience in offensive/defensive web applications security is a big plus for this role.
• Highly motivated and self-directed with a passion for solving complex problems
• Establishes industry expertise through writing, speaking or online presence.

Who will excel?

• We're looking for people with high standards, who understand that hard work matters.
• You need to be relentlessly resourceful and operate with a deep bias for action.
• We need people with the courage to be fiercely original.
• noon is not for everyone; readiness to adapt, pivot, and learn is essential.