Company hidden
updated 2 hours ago

Lead Analyst - SOC Monitoring (Cybersecurity)

Work format
onsite
Employment type
full-time
Level
lead
English
B2
Country
UAE
Listing from Hirify RU Global, a list of companies with Eastern European roots
Job description


TL;DR

Lead Analyst - SOC Monitoring (CPX) (Cybersecurity): Managing day-to-day SOC monitoring, incident detection, and response operations with an emphasis on threat analysis, team leadership, and security tool optimization. Focus on coordinating complex incident responses, conducting proactive threat hunting exercises, and integrating threat intelligence to enhance detection and response capabilities.

Location: Abu Dhabi, United Arab Emirates

Company

Leading AI and cloud computing company focused on large-scale ICT environments.

What you will do

  • Lead daily SOC operations including monitoring security systems, triaging, investigating, and resolving incidents while meeting SLAs.
  • Coordinate incident response efforts, analyze complex threats using threat intelligence, and lead major investigations with cross-functional teams.
  • Mentor and develop SOC analysts through training and guidance.
  • Manage and optimize SIEM tools, correlate events from EDR, firewalls, IDS/IPS, and fine-tune detection rules to reduce MTTD/MTTR.
  • Conduct threat hunting that integrates IOCs and TTPs from threat intelligence; oversee vulnerability scanning and patch management.
  • Generate reports on incidents and SOC performance, ensure compliance, and contribute to security policies.
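The "correlate events from EDR, firewalls, IDS/IPS" and "reduce MTTD" duties above are what a SIEM correlation rule does in practice. The following is an added illustration written for this page, not code from the employer or from any SIEM product: a minimal correlation rule that fires when an encoded-PowerShell process start on a host is followed within a time window by a firewall deny from the same host, plus a helper that computes mean time to detect from the alerts. The event records, hostnames, and addresses are constructed sample data; the field names and the 120-second window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events (not from any real SIEM). One host shows the
# suspicious sequence in order; the other shows the same two events in the
# wrong order and far apart, which the rule must not alert on.
SAMPLE_EVENTS = [
    {"ts": "2024-05-01T10:00:05Z", "source": "edr", "host": "ws-017",
     "event": "process_create", "image": "powershell.exe",
     "cmdline": "powershell -enc SQBFAFgA"},
    {"ts": "2024-05-01T10:00:31Z", "source": "firewall", "host": "ws-017",
     "event": "deny", "dst_ip": "203.0.113.7", "dst_port": 4444},
    {"ts": "2024-05-01T10:03:00Z", "source": "firewall", "host": "ws-042",
     "event": "deny", "dst_ip": "203.0.113.7", "dst_port": 4444},
    {"ts": "2024-05-01T11:00:00Z", "source": "edr", "host": "ws-042",
     "event": "process_create", "image": "powershell.exe",
     "cmdline": "powershell -enc SQBFAFgA"},
]

# Assumed correlation window: firewall deny must follow the EDR event within it.
WINDOW = timedelta(seconds=120)


def parse_ts(s):
    """Parse the ISO-8601 UTC timestamps used in the sample events."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def is_encoded_powershell(e):
    """Trigger condition on the EDR side: process start with '-enc' argument."""
    return (e["source"] == "edr" and e["event"] == "process_create"
            and " -enc " in e["cmdline"])


def correlate(events, window=WINDOW):
    """Rule: encoded PowerShell on a host, then a firewall deny from the same
    host within `window`. Emits at most one alert per trigger event."""
    by_host = {}
    for e in sorted(events, key=lambda ev: parse_ts(ev["ts"])):
        by_host.setdefault(e["host"], []).append(e)

    alerts = []
    for host, evs in by_host.items():
        for i, e in enumerate(evs):
            if not is_encoded_powershell(e):
                continue
            t0 = parse_ts(e["ts"])
            # Only look at events after the trigger; ordering matters.
            for f in evs[i + 1:]:
                if parse_ts(f["ts"]) - t0 > window:
                    break
                if f["source"] == "firewall" and f["event"] == "deny":
                    alerts.append({
                        "host": host,
                        "first_seen": e["ts"],
                        "alert_at": f["ts"],
                        "dst": f"{f['dst_ip']}:{f['dst_port']}",
                    })
                    break
    return alerts


def mean_time_to_detect(alerts):
    """MTTD in seconds, measured here from the first suspicious event to the
    moment the correlation rule fired (zero when there are no alerts)."""
    if not alerts:
        return 0.0
    gaps = [(parse_ts(a["alert_at"]) - parse_ts(a["first_seen"])).total_seconds()
            for a in alerts]
    return sum(gaps) / len(gaps)


if __name__ == "__main__":
    found = correlate(SAMPLE_EVENTS)
    for a in found:
        print(f"ALERT host={a['host']} first_seen={a['first_seen']} dst={a['dst']}")
    print(f"MTTD: {mean_time_to_detect(found):.1f}s")
```

Only ws-017 produces an alert: on ws-042 the firewall deny precedes the PowerShell start, so the sequence does not match. Tightening the window or the trigger condition is exactly the kind of tuning the role describes, and the MTTD helper gives a number to track as rules change.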

Requirements

  • Bachelor’s degree in engineering, computer science, information systems, or a quantitative field.
  • Certifications such as CISSP, CISM, or GIAC.
  • At least 10 years in Information/Cyber Security in large-scale ICT environments.
  • High-level understanding of TCP/IP, OSI model, Windows/Unix systems, LAN/WAN, security best practices.
  • Expertise in incident response, SIEM (correlation rules, dashboards), packet capture (Wireshark), forensics, threat intelligence.
  • Knowledge of cyber kill chain, defense-in-depth, vulnerabilities, malware, lateral movement techniques.

Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code or password, or to run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.