SOC Lead; Arabic Speaker

Help AG is looking for talented and enthusiastic individuals to join as SOC Lead within our Managed Security Services (MSS) Unit. Resident Resources are deployed at customer sites across the UAE as part of MSS projects and work alongside customer governance and operations teams and other Help AG MSS teams. If you have 6-8 years’ experience in cyber security, strong technical skills as individual contributors, and a deep interest in security analysis/threat hunting/incident response/CyOps, you may find your next opportunity at Help AG

• An onsite SOC Lead will analyze the SOC service performance, industry threats, advisories, and general industry developments on a continuance basis. This on-site resource shall provide advice for automating & enhancing the ongoing SOC operations as well as general cybersecurity improvements.
• Support offsite SOC in contextualizing the alerts.
• Support L2 SOC Analysts.
• Support Cyber Threat Intelligence Analysts.

• Minimum 8 years work experience in a cyber security discipline. Native Arabic speaker is a must.
• A degree in Computer Science, Information Systems, or a closely related discipline.
• Hands‑on experience in various security technologies: SIEM (Splunk), EDR (McAfee, MS Defender, PA XDR), Cloud app security (Azure, Sentinel, AIP), Cyber Threat Intelligence, Firewalls, and endpoint security products (Palo Alto, Fortigate, Forcepoint), PAM (Cyber Ark).
• Experience in developing playbooks / use cases.
• Experience in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• An active and demonstrable interest in cybersecurity, cyber threat detection, cyber threat intelligence, incident detection and response.
• Demonstrable experience in analyzing and interpreting threat intelligence indicators, TTPs, and threat actors.
• Sound knowledge of TCP/IP, networking, IT security best practices, common attack types such as scans, man‑in‑the‑middle, sniffing, DoS, DDoS, etc., possible abnormal activities, such as worms, Trojans, viruses, etc. and detection/prevention methods.
• Knowledge of the type of events that firewalls, IDS/IPS, and other security‑related devices produce.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• One or more of the below certifications (not limited to): CISSP/CISM/CISA/CCSP, GCIA/GCIH/GSOC, CEH/OSCP/OSCE.
• Strong analytical and problem‑solving skills, outstanding organization skills.
• Strong verbal and written communication skills.
• Ability to speak and write in English and Arabic is required.

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Annual flights tickets.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Open door policy.