Mid-Level Cyber Security Engineer
Abu Dhabi, United Arab Emirates | Posted on 11/22/2024
We are seeking a Cyber Security Operations Engineer with a strong background in security operations, threat detection, and incident response. The ideal candidate will have experience with advanced security technologies, including SIEM, SOAR, EDR, XDR, NDR, and more, to help defend against cyber threats and ensure the security of our digital assets. This role requires hands‑on expertise with security tools such as McAfee ePO, Antivirus, EPP, DLP, and Data Classification technologies.
As a Cyber Security Operations Engineer, you will play a critical role in monitoring, detecting, and responding to security incidents, working closely with other security teams and stakeholders to protect the organization's infrastructure.
Key Responsibilities
Security Monitoring & Incident Detection
- Monitor security alerts and data from various security platforms (e.g., SIEM, NDR, EDR, XDR) to detect and respond to potential threats.
- Utilize SIEM tools (e.g., Splunk, ArcSight, QRadar) to aggregate, analyze, and correlate logs and events for threat detection and incident investigation.
- Lead or participate in incident response activities, including analysis, containment, eradication, and recovery.
- Use SOAR platforms (e.g., Demisto, Phantom, Swimlane) to automate and orchestrate incident response workflows.
- Investigate security incidents across endpoints, networks, and applications and provide recommendations for remediation.
- Leverage threat intelligence feeds and integrate them with SIEM/XDR platforms to enhance detection capabilities.
- Continuously tune and optimize security tools to improve detection and response times, minimizing false positives.
- Manage and fine‑tune the configuration of security tools, including McAfee ePO, Antivirus, EPP (Endpoint Protection Platform), and DLP (Data Loss Prevention) solutions.
- Support the implementation and maintenance of network and endpoint security solutions (EDR, NDR, XDR).
- Ensure data security policies are enforced using Data Loss Prevention (DLP) tools and data classification frameworks.
- Implement and enforce best practices for protecting sensitive and confidential data, adhering to internal and external compliance requirements.
- Work with vulnerability management teams to identify, assess, and remediate security weaknesses across the enterprise infrastructure.
- Conduct regular assessments to ensure endpoint protection and security tools are up to date and fully operational.
- Work closely with IT, Network, and Development teams to ensure security measures are incorporated into the infrastructure and applications.
- Provide regular reports to management on security incidents, trends, and improvements to the security posture.
- Assist in creating and delivering security awareness training for employees, ensuring that security protocols and best practices are understood and followed.
- Maintain documentation of security incidents, investigations, and system configurations in accordance with compliance and audit standards.
- Assist in compliance efforts for relevant security frameworks and regulations (e.g., GDPR, HIPAA, PCI‑DSS).
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent work experience.
- 3‑5 years of experience in security operations or a related field, with hands‑on experience using a variety of security technologies and tools.
- Security Tools: Extensive experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight), SOAR (e.g., Demisto, FortiSOAR), EDR (e.g., CrowdStrike, Cybereason, Carbon Black), XDR, NDR, EPP, DLP, and Data Classification tools.
- Endpoint Security: Familiarity with McAfee ePO, Antivirus solutions, and endpoint protection tools.
- Network Security: Experience with network security technologies, firewalls, IDS/IPS, and NDR platforms.
- Scripting & Automation: Experience with scripting languages (e.g., Python, PowerShell) to automate security workflows and…