Cyber Security Operations Engineer

Cyber Security L2 Engineer (Security Operations) Role

Purpose:

• The Cyber Security L2 Analyst will be part of Organization’s Enterprise grade Security Operations function, responsible for day-to-day operational security monitoring, incident handling, and control administration across a diverse enterprise security landscape.
• The role is operations-centric. Hands‑on experience in Security Operations, Incident Response, and control management is mandatory.
• Product‑specific expertise with expected familiarity at L2 operational level in Enterprise Security technologies across key areas like, but not limited to Perimeter Security, End‑point Security, Email Security, Data Security, Application Security and Threat & Vulnerability Management.

• Perform L2-level incident investigation and response across security platforms and infrastructure.
• Analyze alerts, logs, and events to determine root cause, impact, and containment actions.
• Support incident escalation, coordination, and resolution in line with defined SLAs.
• Assist in Incident analysis and support post‑incident reviews and RCA documentation.

• Administer, review, and fine‑tune security policies, rules, and configurations across deployed security controls.
• Ensure policies align with organization security standards, compliance requirements, and risk posture.
• Support implementation of new security controls and enhancements as per approved designs.

• Monitor health, performance, and availability of security appliances and platforms.
• Identify and proactively address issues related to capacity, stability, or degradation.
• Coordinate with vendors and internal teams for issue resolution when required.

• Support patching, upgrades, and version lifecycle management for security products (with OEM Support).
• Validate post‑patch / post‑upgrade stability and security posture.
• Ensure changes follow Change Management and ITIL processes.

• Prepare and maintain:
  • Operational reports
  • Incident and investigation reports
  • Log validation evidence
  • Root Cause Analysis (RCA) documents

• Work closely with SOC, Infrastructure, Network, and Application teams.
• Contribute to process improvements and operational readiness.

• Total IT experience:
  Minimum 15 years overall professional IT experience.
• Cyber Security experience:
  Minimum 7 years of hands‑on experience in Cyber Security / Security Operations. Transition from Network Security would be highly desirable.
• Demonstrated experience working in enterprise‑scale or government environments with complex security ecosystems.
• Strong exposure to operational security functions, including incident response, monitoring, policy enforcement, and control management.
• Experience and working knowledge of UAE Cyber Security frameworks, standards, and regulatory requirements is highly desirable.

• Must Have on Network Security & Platform Security – Cisco CCNA Security / CCNP Security / F5 WAF Certified Technology Specialist / CompTIA Security+
• Good to Have - CISSP / NIST Cybersecurity Framework.