104 Certified Information Systems Security Professional jobs in the United Arab Emirates
Security Analyst
Job Description
Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.
This role requires:
- 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
- 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.
Responsibilities
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
- Correlate and analyze events using the Splunk/LogRhythm/QRadar SIEM tool to detect IT security incidents.
- Conduct analysis of log files, including forensic analysis of system resource access.
- Review customer reports to ensure quality and accuracy.
- Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to support, threat, and other cases.
- Document actions in cases to effectively communicate information internally and to customers.
- Resolve problems independently and understand escalation procedures.
- Maintain a high degree of awareness of the current threat landscape.
- Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
- Perform other essential duties as assigned.
- Able to work in rotating shifts within a 24/7 operating environment.
Qualifications & Skills
- A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
- An active interest in internet security, incident detection, network and systems security.
- A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
- Demonstrable experience of analyzing and interpreting system, security, and application logs.
- Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
- Experience in using SIEM tools such as Splunk, LogRhythm, QRadar, AlienVault, NitroSecurity, etc.
- TCP/IP knowledge, networking, and security product experience.
- Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
- CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
- Outstanding organizational skills.
- Exclusive focus and vast experience in IT.
- Strong analytical and problem-solving skills.
- A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
- Very good communication skills.
- Strong written and verbal skills.
- Strong interpersonal skills with the ability to collaborate well with others.
- Ability to speak and write in English is required; Arabic is preferred.
Benefits
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement and wellness campaigns activities throughout the year.
- Excellent learning and development opportunities.
- Inclusive and diverse working environment.
- Flexible/Hybrid working environment.
- Annual flight tickets to home country.
- Open door policy.
About Us
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.
Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.
Security Analyst
Job Description
Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.
This role requires:
- 3 - 6 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
- 3 - 6 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.
- Follow detailed operational process and procedures to appropriately analyse, escalate, and assist in remediation of critical information security incidents.
- Correlate and analyse events using the Splunk/LogRhythm/QRadar SIEM tool to detect IT security incidents.
- Conduct analysis of log files, including forensic analysis of system resource access.
- Review customer reports to ensure quality and accuracy.
- Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to support, threat, and other cases.
- Document actions in cases to effectively communicate information internally and to customers.
- Resolve problems independently and understand escalation procedure.
- Maintain a high degree of awareness of the current threat landscape.
- Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
- Perform other essential duties as assigned.
- Able to work in rotating shifts within a 24/7 operating environment.
- A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
- An active interest in internet security, incident detection, network and systems security.
- A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
- Demonstrable experience of analysing and interpreting system, security, and application logs.
- Knowledge of the type of events that both Firewalls, IDS/IPS, and other security related devices produce.
- Experience in using SIEM tools such as Splunk, LogRhythm, QRadar, AlienVault, NitroSecurity, etc.
- TCP/IP knowledge, networking, and security product experience.
- Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
- CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
- Outstanding organizational skills.
- Exclusive focus and vast experience in IT.
- Strong analytical and problem-solving skills.
- A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.
- Very good communication skills.
- Strong written and verbal skills.
- Strong interpersonal skills with the ability to collaborate well with others.
- Ability to speak and write in English is required; Arabic is preferred.
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement and wellness campaigns activities throughout the year.
- Excellent learning and development opportunities.
- Inclusive and diverse working environment.
- Flexible/Hybrid working environment.
- Annual flight tickets to home country.
- Open door policy.
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.
Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.
- Seniority level: Not Applicable
- Employment type: Full-time
- Job function: Information Technology
- Industries: IT Services and IT Consulting
Information Security Analyst
Job Description
We have an urgent requirement for an Information Security Analyst for our client based in Abu Dhabi.
Key Responsibilities
- Penetration Testing and Red Teaming: Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
- Develop and execute custom tools and scripts to automate testing and exploitation processes.
- Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
- Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
- ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
- ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.
- Perform thorough vulnerability assessments to identify and prioritize security weaknesses.
- Utilize industry-standard tools such as Qualys, Nessus or Nexpose and methodologies to uncover vulnerabilities in various environments.
- Provide actionable recommendations for remediation and mitigation strategies.
- Patch management
- Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities.
- Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities.
- Provide recommendations for remediation and mitigation strategies.
- Participate in security incident response and crisis management efforts as needed.
- Collaborate with incident response teams to contain and remediate security incidents.
- Provide technical expertise and guidance during incident response efforts.
- Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly.
- Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies.
- Participate in security research and development efforts to identify and develop new testing techniques and methodologies.
- Collaborate with development teams to implement security patches and fixes.
- Provide technical guidance and support to development teams on security-related issues.
- Communicate complex technical information to non-technical stakeholders in a clear and concise manner.
- Develop and maintain detailed reports on findings, including vulnerability assessments, penetration testing results, and recommendations for remediation.
- Document testing methodologies, tools, and results in a clear and concise manner.
- Maintain accurate and up-to-date records of testing activities and results.
- Bachelor's degree in Computer Science, Information Assurance, or a related field
- OSCP, CEH, or other relevant certifications
- 5+ years of experience in penetration testing, vulnerability assessment, or a related field
- Strong understanding of networking protocols, operating systems, and applications
- Proficiency in programming languages such as Python, C++, or Java
- Experience with penetration testing frameworks and tools such as Nmap, Nessus, Burp Suite, or Metasploit
- Strong analytical and problem-solving skills
- Excellent communication and reporting skills
- Ability to work independently and as part of a team
- Strong attention to detail and ability to maintain accurate records
- Ability to work in a fast-paced environment with tight deadlines
- Experience with cloud-based technologies and cloud security
- Familiarity with Agile development methodologies
- Strong understanding of compliance and regulatory requirements (e.g., GDPR, PCI-DSS)
- Experience with security orchestration, automation, and response (SOAR) tools
- Familiarity with threat intelligence and threat hunting
- Associate
- Full-time
- Information Technology
- Technology, Information and Internet
Chief Security Analyst
Job Description
The security fusion center specialist is responsible for executing various tasks and responsibilities related to the position as assigned by the direct manager. The role involves developing effective response scenarios to deal with different security threats, coordinating with agencies and sectors to ensure availability of necessary information, analyzing threats using predictive security techniques, and managing developmental projects for tools and techniques to detect cases of corruption, fraud, and information leakage.
- It is crucial to strictly adhere to RTA Information Security policies, procedures, and processes.
- One must also follow the Information Security data sharing guidelines for all internal and external data transfers.
- Any Information Security incidents should be immediately reported to your line manager and IT support for prompt guidance and resolution.
- Actively participating in all assigned Information Security training and awareness sessions is vital to enhance knowledge and address potential Information Security risks.
This role requires a strong understanding of security concepts, excellent analytical skills, and the ability to work effectively in a team environment.
Key Responsibilities:
- Developing effective response scenarios to deal with different security threats.
- Coordinating with different agencies and sectors to ensure the availability of necessary information.
- Analyzing threats using predictive security techniques to anticipate future security challenges.
- Managing developmental projects for tools and techniques to detect cases of corruption, fraud, and information leakage.
This role demands a strong foundation in security concepts, robust analytical skills, and the capacity to collaborate effectively within a team environment.
Requirements:
- A bachelor's or master's degree in computer science, computer engineering, information systems, or a related field from a recognized university.
- Data management, communication, information analysis, and project management skills.
Candidates must have a passion for security and be willing to learn and adapt to new technologies and processes.
Cyber Security Analyst
Job Description
Cyber Security Analyst at Dubai Careers - A Smart Dubai Initiative
Overview
General objective:
Undertake tasks related to analysing and verifying the conformity of the Department's software and technical systems with the information security requirements and standards followed in the Government of Dubai and the quality policies adopted in this regard, analysing and recording any cases of non-compliance with these standards and requirements, and submitting recommendations and proposals to address them in coordination with the various parties concerned.
- Analyse and assess the impact of security risks on any new systems or technologies to be implemented in the Department, including conducting vulnerability assessments and penetration testing for all internal systems and those related to security auditing and testing (SOC), and submit recommendations on handling and remediating them in accordance with approved directions and best practices.
- Analyse the data and information held in systems and databases to identify the areas of development and modification needed to raise and improve the efficiency of the security and protection of the technical systems in use at the Department.
- Implement plans to reduce enterprise risks associated with IT applications and systems, and submit the necessary reports on them to the Head of Section periodically or on request.
- Liaise with the Dubai Electronic Security Center on everything related to implementing cybersecurity software and technical systems, in accordance with the approved directions and in a way that ensures they are applied according to the approved standards.
- Analyse, monitor and follow up cybersecurity incidents in the Department and report on them to the direct manager.
- Propose practicable mechanisms and means to limit, as far as possible, the impact of information security risks on the Department of Finance's operational technical systems, in line with best practices.
- Prepare draft information security system requirements, and submit proposals on mechanisms for implementing and activating them in the Department by the various means available.
- Audit the permissions granted to employees on the systems and technologies used in the Department and their compliance with the information security policy and privacy matters for employees and other authorised users, suppliers and temporary staff, and submit periodic reports on them.
- Participate in developing and delivering training programmes and workshops on the information security of the Department's applications, software and technical systems, and raise awareness among their users and train them to use them as required in accordance with information security standards and requirements.
- Continuously follow and keep abreast of developments in the field of application and technical system information security and cybersecurity, and submit proposals to improve work procedures.
- Any other tasks or duties related to the nature of the work, as assigned.
Academic qualifications:
A. Essential
- Bachelor's degree in Information Security / Information Technology / any related specialisation
- 1-3 years of experience in similar fields for holders of a bachelor's degree or equivalent
- Specialised professional certifications in the field of information security and database and data systems management
- Job Category : Information Security
- Advertiser : Department Of Finance
- Educational-level : Bachelor
- Required Nationality : UAE Only
- Monthly Salary :
- Schedule-Time : Full time
- Job Posting : 26/08/2025
- Unposting Date : 10/10/2025
- Seniority level – Entry level
- Employment type – Full-time
- Job function – Information Technology
- Industries – Government Administration
Dubai Careers - A Smart Dubai Initiative is an employer that values equal opportunity and inclusive hiring practices.
Information Security Analyst
Job Description
Key Responsibilities
Penetration Testing and Red Teaming:
- Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
- Develop and execute custom tools and scripts to automate testing and exploitation processes.
- Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
- Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
- ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
- ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.
- Perform thorough vulnerability assessments to identify and prioritize security weaknesses.
- Utilize industry-standard tools such as Qualys, Nessus or Nexpose and methodologies to uncover vulnerabilities in various environments.
- Provide actionable recommendations for remediation and mitigation strategies.
- Patch management
- Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities
- Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities
- Provide recommendations for remediation and mitigation strategies
- Participate in security incident response and crisis management efforts as needed
- Collaborate with incident response teams to contain and remediate security incidents
- Provide technical expertise and guidance during incident response efforts
- Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly
- Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies
- Participate in security research and development efforts to identify and develop new testing techniques and methodologies
- Collaborate with development teams to implement security patches and fixes
- Provide technical guidance and support to development teams on security-related issues
- Communicate complex technical information to non-technical stakeholders in a clear and concise manner
- Develop and maintain detailed reports on findings, including vulnerability assessments, penetration testing results, and recommendations for remediation
- Document testing methodologies, tools, and results in a clear and concise manner
- Maintain accurate and up-to-date records of testing activities and results
- Bachelor's degree in Computer Science, Information Assurance, or a related field
- OSCP, CEH, or other relevant certifications
- 5+ years of experience in penetration testing, vulnerability assessment, or a related field
- Strong understanding of networking protocols, operating systems, and applications
- Proficiency in programming languages such as Python, C++, or Java
- Experience with penetration testing frameworks and tools such as Nmap, Nessus, Burp Suite, or Metasploit
- Strong analytical and problem-solving skills
- Excellent communication and reporting skills
- Ability to work independently and as part of a team
- Strong attention to detail and ability to maintain accurate records
- Ability to work in a fast-paced environment with tight deadlines
- Experience with cloud-based technologies and cloud security
- Familiarity with Agile development methodologies
- Strong understanding of compliance and regulatory requirements (e.g., GDPR, PCI-DSS)
- Experience with security orchestration, automation, and response (SOAR) tools
- Familiarity with threat intelligence and threat hunting
Information Security Analyst
Job Description
Responsibilities
- Conduct penetration testing and red teaming on systems, networks, applications and mobile platforms to identify vulnerabilities.
- Develop and use custom tools/scripts to automate testing and exploitation.
- Simulate advanced persistent threats (APTs) to assess security controls and incident response.
- Continuously discover, catalog and monitor all assets for attack surface management (ASM).
- Perform vulnerability assessments using industry-standard tools (e.g. Qualys, Nessus, Nexpose) and methodologies.
- Prioritize and provide actionable remediation recommendations for identified vulnerabilities.
- Participate in patch management activities.
- Conduct threat modeling and risk assessments to uncover and prioritize potential attack vectors.
- Collaborate with incident response teams to contain and remediate security incidents.
- Provide technical guidance and expertise during incident response and crisis management.
- Stay updated on latest security threats, trends and tools; adapt testing methodologies as needed.
- Participate in security research and develop new testing techniques/methodologies.
- Work with development teams to implement security patches and provide security guidance.
- Communicate complex technical findings to both technical and non-technical stakeholders.
- Develop and maintain detailed documentation and reports on testing results, methodologies and remediation steps.
- Maintain accurate records of all security testing and assessment activities.
- Ensure compliance with relevant security certifications and regulatory requirements.
- Demonstrate strong programming skills (e.g. Python, C, Java) and knowledge of security tools (e.g. Nmap, Burp Suite, Metasploit).
- Work independently and collaboratively in a fast-paced environment, managing multiple priorities and deadlines.
- Strong programming skills (e.g. Python, C, Java).
- Knowledge of security tools (Nmap, Burp Suite, Metasploit).
- Ability to communicate complex technical findings to technical and non-technical stakeholders.
- Experience with incident response, crisis management, and patch management activities.
Senior Cyber Security Analyst
Job Description
The primary function of this role is to monitor the ENOC environment on a 24/7 basis and conduct initial analysis for events to identify cyber security threats or attacks on ENOC IT/OT assets. In addition, this role performs first response assessment of cyber security incidents and escalates to the Senior Security Analyst for further investigation and response as per approved policies, processes and procedures.
Principal Accountabilities
- Follow response procedures and other CIC related SOPs based on the incident impact analysis and predetermined response actions procedures
- Acknowledge, analyse and validate vulnerabilities/incidents triggered from correlated events through SIEM or other security solutions
- Acknowledge, analyse and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
- Gain an understanding of security risks and controls
- Undertake first stages of false positive and false negative analysis
- Perform analysis of log files to collect more contextual information in order to triage security events
- Review and align priority, severity and classification of security incidents
- Collect contextual information and pursue technical root cause analysis and attack method analysis
- Conduct analysis of the events/incidents to identify potential deficiencies in deployed controls that led to the incident materializing
- Analyse reported cyber security events and incidents and recommend remediation and improvement actions
- Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC
- Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
- Participate in post incident reviews and recommend improvement plans
- Investigate, document, and report on information security issues and emerging trends
- Should be on-call 24 hours per day to respond to security emergencies
Education
- Degree: Bachelor's degree in Computer Science, Engineering or Business field or equivalent; Diploma with additional relevant experience
- Required professional certifications: CISSP, GCTI, GCFA, GNFA (or equivalent)
Experience
- 5+ years of information security or technology experience
- 3+ years in relevant experience
- Working experience in multiple industries (e.g., Energy, Utilities, Retail, Government) is preferable
- Working experience in cyber security threats monitoring and handling
- Exposure to OT security operation center experience is a plus
Seniority level
- Mid-Senior level
Employment type
- Full-time
Job function
- Information Technology
- Industries: Oil and Gas
Network & Security Analyst L2
Job Description
JOB TITLE:
Network & Security Analyst L2 - (DXB UAE)
JOB PURPOSE:
The L2 Network & Security Engineer will be responsible for designing, implementing, and maintaining enterprise-level network infrastructure and security solutions. The role involves troubleshooting network issues, ensuring security compliance, and optimizing network performance while adhering to industry best practices.
QUALIFICATION:
Bachelor's degree in Computer Science, Information Technology, Electronics & Communication, or related field.
CERTIFICATIONS:
- Cisco CCNA / CCNP
- Palo Alto PCNSE
- F5 Certified Administrator
- Fortinet NSE Certification
- Check Point (CCSA/CCSE)
- Juniper (JNCIS/JNCIP)
- ITIL Foundation
EXPERIENCE:
10-12 Years
RESPONSIBILITIES (INCLUDES ALL TASKS):
- Network Infrastructure:
  - Strong experience in routing & switching (Cisco, Juniper, Arista).
  - Hands-on with MPLS, BGP, OSPF, EIGRP, VLAN, VPN, SD-WAN.
  - Experience in firewall management (Palo Alto, Fortinet, Cisco ASA/FTD, Check Point).
- Security Operations:
  - Knowledge of Firewalls, IDS/IPS, DDoS protection, NAC, Zero Trust.
  - Experience in vulnerability assessment, penetration testing, and security audits.
- Cloud & Virtualization:
  - Exposure to AWS/Azure/GCP networking & security.
  - Familiarity with VMware NSX, SDN, ACI.
- Monitoring & Troubleshooting:
  - Proficient in Wireshark, SolarWinds, PRTG, Nagios.
Key Responsibilities:
- Network Management:
  - Configure, monitor, and troubleshoot LAN/WAN/WLAN/SD-WAN networks.
  - Manage firewalls, load balancers, proxies, and VPNs.
- Security Implementation:
  - Deploy and maintain security policies, ACLs, and threat prevention mechanisms.
  - Conduct security assessments, patch management, and compliance checks (ISO 27001, NIST, PCI-DSS).
- Incident Response:
  - Investigate and resolve network breaches, DDoS attacks, and malware infections.
  - Perform forensic analysis and log reviews.
- Automation & Optimization:
  - Implement network automation (Python, Ansible, Terraform) for efficiency.
  - Optimize network performance, latency, and bandwidth utilization.
- Collaboration & Documentation:
  - Work with L3 teams, SOC, and IT compliance teams.
  - Maintain network diagrams, SOPs, and audit reports.
- Work under pressure in a fast-paced environment while multi-tasking efficiently.
- Demonstrate excellent problem-solving skills and attention to detail.
- Provide 24/7 network and security support as required.
TECHNICAL SKILLS /COMPETENCIES:
MANDATORY
- Networking: Cisco/Juniper Routing & Switching, Firewalls (Palo Alto/Fortinet), VPN, SD-WAN.
- Security: Firewalls, IDS/IPS, Vulnerability Management.
- Protocols: TCP/IP, BGP, OSPF, VLAN, DHCP, DNS, IPv6.
- Tools: Wireshark, SolarWinds, Splunk, Nessus, Nmap.
- Familiarity with network monitoring tools and best security practices.
- Strong understanding of network infrastructure design and troubleshooting.
- Excellent communication skills in English (both verbal and written).
- Ability to work efficiently in a team-oriented environment with high self-motivation.
- A customer-focused mindset with strong delivery service ethics.
- Good understanding of monitoring tools such as SolarWinds, ManageEngine OpManager, Zabbix, etc.
- Willingness to work in a 24/7 support window.
- Good understanding of the ITSM processes.
OPTIONAL
- Cisco Viptela SD-WAN and Fortinet SD-WAN
- Cisco SD-Access, Cisco ACI
- Cisco or Avaya IPT
- VMware NSX-T
- Network switches (Dell, Extreme)
SOFT SKILLS:
MANDATORY
- Self-confidence, motivation, and ability to work independently and in a team
- Ability to collaborate with stakeholders at the operational level
- Strong customer service orientation
Azure Cloud Security Analyst
Posted today
Job Description
About this role
We are seeking a skilled and proactive Azure Cloud Security Analyst to join our cybersecurity team. In this role, you will be responsible for safeguarding our Azure cloud infrastructure, applications, and data by leveraging Azure-native security tools, proactive threat detection, and best-in-class cloud security practices.
You will play a critical role in security monitoring, incident response, identity and access management, vulnerability assessments, and compliance assurance across our cloud environment.
Your responsibilities
Monitor & Detect Threats:
Use Azure-native tools like Sentinel, Defender for Cloud, and Security Center to monitor cloud environments, detect anomalies, and configure security alerts
Incident Response & Investigation:
Investigate security incidents and alerts, perform root cause analysis, and support remediation using tools like Sentinel Playbooks, XDR, and Velociraptor
Identity & Access Management:
Secure Azure AD using MFA, PIM, Conditional Access, and enforce RBAC for least-privilege access across cloud resources
Risk & Vulnerability Management:
Conduct risk assessments and vulnerability scans; identify misconfigurations and enforce policies through Azure Policy and collaboration with DevOps
Network Security & Compliance:
Manage Azure Firewall, NSGs, and WAF; ensure compliance with standards like ISO 27001, C5:2020, SOC 2, and GDPR
Automation & DevSecOps:
Automate security operations and integrate controls into CI/CD pipelines using Logic Apps, PowerShell, and Azure Policy
Your qualifications, skills and experience
Hands-on experience with Azure Security Center, Microsoft Defender for Cloud, Azure Sentinel
Strong knowledge of SIEM tools like Sentinel or Splunk
Expertise in IAM, including Azure AD, OAuth/SAML, RBAC, PIM, and MFA
Proficient in incident response, threat hunting, and forensic investigation
Deep understanding of network security and Azure-native firewall services
Familiarity with security standards: ISO 27001, SOC 2, C5:2020, GDPR
Experience with scripting/automation using PowerShell, Python, and Terraform
Location
Dubai
We offer you
Open-minded and international environment and culture, fast-paced and with quick decision-making approach
Encouraging climate where every team member can make a difference and influence decisions and processes
Meritocratic culture where ongoing feedback is part of life to grow and develop
Company that believes in life-long learning and supporting the development of its team
How to apply
If you are passionate about joining a growing and motivated team of financial services enthusiasts and want to contribute to the growth of a leading international FinTech company, please click below to apply.
About us
additiv enables leading financial institutions and brands globally to develop new and transform existing business models, capitalizing on digital innovation and Finance-as-a-Service capabilities.
additiv's API-first cloud platform is one of the world's most powerful solutions in wealth management, credit, and insurance. The technology, together with the global ecosystem of regulated financial service providers, opens new opportunities for banks, insurance companies, asset managers, IFAs but also 'consumer brands' to offer their own and third-party financial solutions quickly and flexibly via existing or new customer channels.
Headquartered in Switzerland, with regional offices in Singapore, UAE, and Germany and 300 employees, additiv serves over 400 financial companies (banks, insurers, asset managers, pension providers, IFAs etc) and brands globally.
For more information, please visit "