We are looking for a talented and enthusiastic Emirati national to join our Security Operations Centre (SOC) team as a Security Analyst. If you have a strong knowledge and interest in network security, this position might be the right one for you.
The Associate Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information and Event Management (SIEM) tool to detect and identify IT security-related incidents.
This role requires 2–3 years of experience in information security in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration, and 2–3 years of experience in one of the following:
Network operations or engineering, or system administration on Unix/Linux/Windows.
- Follow detailed operational processes and procedures to analyze, escalate, and assist in remediation of critical information security incidents.
- Correlate and analyze events using Splunk, LogRhythm, and QRadar SIEM tools to detect IT security incidents.
- Conduct analysis of log files, including forensic analysis of system resource access.
- Review customer reports to ensure quality and accuracy.
- Monitor multiple security technologies such as SIEM, IDS/IPS, firewalls, switches, VPNs, and other security threat data sources.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services within documented SLAs.
- Document actions in cases to effectively communicate information internally and to customers.
- Resolve problems independently and understand escalation procedures.
- Maintain a high degree of awareness of the current threat landscape.
- Participate in knowledge sharing with other analysts and write technical articles for internal knowledge bases.
- Perform other essential duties as assigned.
- Work rotating shifts within a 24/7 operating environment.
Emirati candidates with a family book will be preferred for this role.
Qualifications
A degree in Computer Science, Information Systems, Electrical Engineering, or a closely related field.
An active interest in internet security, incident detection, network and systems security.
Sound knowledge of IT security best practices, common attack types, and detection/prevention methods.
Demonstrable experience of analyzing and interpreting system, security, and application logs.
Knowledge of the type of events that firewalls, IDS/IPS, and other security devices produce.
Experience using SIEM tools such as Splunk, LogRhythm, QRadar, AlienVault, Nitro Security, etc.
TCP/IP knowledge, networking, and security product experience.
Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
Understanding of common attack activities (scans, man‑in‑the‑middle, sniffing, DoS, DDoS, worms, Trojans, viruses, etc.).
Certifications such as CCNA, CISSP, GCA, GCIA, GCIH, CEH are preferable.
Outstanding organizational, analytical, problem‑solving, communication, and interpersonal skills.
Motivated, self‑managed, and able to work professionally with peers and customers under pressure.
Strong written and verbal skills in English and Arabic (mandatory).