Cyber Security Specialist (SOC / Incident Response)

Full-time
India
Senior Level
Posted 2 hours ago

Job Title: Cyber Security Specialist (SOC / Incident Response)

Experience: 7–9 Years
Location: India - Remote (UAE Business Hours)
Employment Type: Full-Time

Job Summary

We are seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE. This role is operational and hands-on, focusing on SIEM monitoring, incident triage/response, EDR operations, vulnerability management coordination, and maintaining compliance-aligned security operations in line with ISO 27001, SOC2, PCI/DSS, etc.

Key Responsibilities

  • Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling

  • Execute incident response activities: triage, containment coordination, evidence capture, and support for root-cause analysis

  • Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support

  • Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification

  • Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents

  • Maintain incident response playbooks, operational SOPs, and case documentation with high-quality reporting

  • Support ISO 27001, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution

  • Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes

Required Skills & Qualifications

  • 7–8 years of experience in SOC / Cyber Security Operations / Incident Response

  • Strong hands-on experience with SIEM operations (alerts, use-cases, dashboards, reporting)

  • Strong working experience with EDR tools and endpoint investigation fundamentals

  • Practical understanding of incident response lifecycle and operational documentation discipline

  • Experience coordinating remediation with cross-functional teams in hybrid/on-prem environments

  • Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence)

Preferred Certifications

  • CompTIA Security+, CySA+, CEH

  • CISSP or CISM

PCI DSS / Payment Security:

  • PCIP (ISA) – PCI Professional (Internal Security Assessor)

  • Qualified Security Assessor (QSA) (where applicable/available)

Incident / Detection (strong alignment with PCI monitoring requirements):

  • GIAC certifications (GCIA, GCIH, GCED)

Cloud Security:

  • AWS Certified Security – Specialty

  • AWS Certified Solutions Architect – Associate

  • Microsoft Azure Security Engineer Associate (AZ-500)

Good to Have

  • Telecom, Government or regulated sector experience in security operations

  • Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering

  • Scripting/automation exposure for reporting and operational efficiency
