SOC Analyst

This role involves performing continuous monitoring of security events using various tools and devices including SIEM, EDR/XDR, and network security controls. You will investigate alerts associated with malware, ransomware, phishing, and other security threats, and correlate data from multiple sources to identify and respond to multi-stage attacks. Key responsibilities include executing incident triage and analysis, documenting incidents, maintaining timelines, and escalating issues based on severity and SLA requirements.

You will also be tasked with tuning alerts to improve detection accuracy, mapping incidents to the MITRE ATT&CK framework, and participating in handovers and SOC readiness activities. Analyzing vulnerability scan results to identify high-risk vulnerabilities, supporting remediation tracking, and validating fixes are critical aspects of this job.

The ideal candidate should have hands-on experience with SIEM, SOAR, PAM, and Endpoint Security, and possess a strong understanding of cybersecurity frameworks and incident response lifecycles. Experience in a 24x7 SOC environment along with strong technical documentation and incident reporting skills is essential.

This is a full-time position based in Abu Dhabi, United Arab Emirates, and does not support remote work.