Experience: 7–9 Years Location: Pakistan (Hybrid)(UAE Business Hours)
Employment Type: Full-Time
Job Summary
We are seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE. This role is operational and hands‑on, focusing on SIEM monitoring, incident triage/response, EDR operations, vulnerability management coordination, and maintaining compliance‑aligned security operations in line with ISO 27001, SOC 2, PCI/DSS, etc.
Key Responsibilities
Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling
Execute incident response activities: triage, containment coordination, evidence capture, and support for root‑cause analysis
Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support
Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification
Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents
Maintain incident response playbooks, operational SOPs, and case documentation with high‑quality reporting
Support ISO 2700, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution
Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes
Required Skills & Qualifications
7–8 years of experience in SOC / Cyber Security Operations / Incident Response
Strong hands‑on experience with SIEM operations (alerts, use‑cases, dashboards, reporting)
Strong working experience with EDR tools and endpoint investigation fundamentals
Practical understanding of incident response lifecycle and operational documentation discipline
Experience coordinating remediation with cross‑functional teams in hybrid/on‑prem environments
Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence)
Preferred Certifications
Comp TIA Security+, Cy SA+, CEH
CISSP or CISM
PCI DSS / Payment Security
PCIP (ISA) – PCI Professional (Internal Security Assessor)
Qualified Security Assessor (QSA) (where applicable/available)
Incident / Detection (strong alignment with PCI monitoring requirements)
GIAC certifications (GCIA, GCIH, GCED)
Cloud Security
AWS Certified Security – Specialty
AWS Certified Solutions Architect – Associate
Microsoft Azure Security Engineer Associate (AZ-500)
Good to Have
Telecom, Government or regulated sector experience in security operations
Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering
Scripting/automation exposure for reporting and operational efficiency
