488 Cybersecurity jobs in the United Arab Emirates

Job Description:

• The Threat Intelligence Manager will be responsible for leading and managing the threat intelligence function to identify, collect, analyze, and report on potential and existing cyber threats.
• This role focuses on understanding the threat landscape, developing proactive strategies, and delivering intelligence-driven insights to protect information assets and reputation.

Key Responsibilities:

• Manage the Threat Intelligence function in alignment with strategic objectives and risk management practices.
• Develop and manage a comprehensive Threat Intelligence program that proactively identifies, analyzes, and disseminates critical actionable intelligence.

Requirements:

• 10 years of experience in threat intelligence and cyber threat analysis, preferably within large financial institutions.
• Hands-on experience in malware analysis, reverse engineering, and digital forensics investigations.

Candidate Profile:

• Bachelor's or Master's degree in engineering, IT, or a related technical discipline.
• Relevant certifications such as GCTI (GIAC Cyber Threat Intelligence), CTIA (Certified Threat Intelligence Analyst), CISSP, CISM, GCFA, GREM, EnCase Certified Examiner (ENCE).

Help AG is seeking a skilled professional to join as a Senior Threat Intelligence Specialist.

• Apply intelligence tradecraft techniques to gather, analyze and disseminate actionable threat intelligence to enhance cyber defense strategies.
• Operate and manage Threat Intelligence Platforms (TIPs) for ingesting, enriching, and correlating threat data from multiple internal and external sources.
• Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.

The ideal candidate will have a strong background in threat intelligence, with a minimum of 6-7 years of experience in the field. They will possess excellent analytical and problem-solving skills, as well as strong written and verbal communication skills.

• Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.
• Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.
• Recommend improvements to threat intelligence workflows and data integration strategies.

In this role, you will have the opportunity to work closely with one of our esteemed clients. This client is a global leader known for its commitment to quality and innovation. They have chosen Dautom as their trusted partner for their upcoming projects.

Job Description:

• Provide cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for relevant events, risks and threats related to malicious code, vulnerabilities, and attacks.
• Ownership of threat intelligence monitoring tool services, product contracts and relationships.
• Assist in the evaluation, development, testing, and implementation of emerging data access control technologies, information systems security issues, safeguards, and techniques.
• Recommend mitigation Tactics Techniques and Procedures (TTPs) for identified malicious logic within the customer's environment.
• Maintain current knowledge of tools and best practices in advanced persistent threats.
• Perform periodic and ad-hoc threat hunting exercises using the Threat Intelligence tools and ensure delivery of the below services working with the OEM:
  • Attack Surface Management
  • Dark Web and Cyber Crime Monitoring and Intelligence
  • Brand Protection and Social Media Monitoring
  • VIP/Executive Monitoring
  • Cyber Threat Intelligence
  • Incident Response

Role: Threat Intelligence Manager

Location: Abu Dhabi

Role Purpose:

• Reporting to the Head of Information Security Cyber Defense Operations the Threat Intelligence Manager will be responsible for leading and managing the threat intelligence function to identify collect analyze and report on potential and existing cyber threats.
• This role will focus on understanding the threat landscape developing proactive strategies and delivering intelligence-driven insights to protect ADIBs information assets and reputation.
• The Threat Intelligence Manager will collaborate closely with internal stakeholders and external intelligence communities to continuously enhance threat detection analysis and reporting capabilities.
• This role demands exceptional leadership skills strategic thinking and the ability to provide actionable intelligence to key decision-makers.

Key accountabilities of the role:

• Manage the Threat Intelligence function in alignment with ADIBs strategic objectives and risk management practices.
• Develop and manage a comprehensive Threat Intelligence program that proactively identifies analyzes and disseminates critical actional intelligence.
• Continuously improve intelligence-gathering techniques and methodologies to enhance detection and response capabilities.
• Foster a proactive approach to identifying new and emerging threats that could impact ADIBs business operations.
• Conduct threat profiling to identify and analyze threat actors their tactics techniques and procedures (TTPs).
• Perform malware analysis and reverse engineering to understand threat behavior and develop countermeasures.
• Conduct forensic investigations ensuring accurate collection preservation and analysis of digital evidence.
• Integrate threat intelligence outputs with SOC and incident response processes.
• Develop actionable intelligence products including reports briefs and presentations for technical and executive audiences.
• Maintain strong relationships with internal and external stakeholders including FS-ISAC and intelligence-sharing communities.
• Coordinate with SOC and Incident Response teams for joint threat mitigation efforts.
• Maintain the chain of custody and evidence integrity throughout the investigation lifecycle
• Generate forensic investigation reports presenting findings and recommended actions to management and stakeholders
• Work closely with SOC and Incident Response teams to investigate analyze and respond to cyber incidents.
• Lead the deployment and maintenance of Threat Intelligence Platforms (TIPs) to aggregate correlate and analyze threat data.
• Oversee third-party vendors and ensure their compliance with security standards.

Experience and skills / technical knowledge required for this role:

• 10 years of experience in threat intelligence and cyber threat analysis preferably within large financial institutions.
• Hands-on experience in malware analysis reverse engineering and digital forensics investigations.
• Experience in collecting preserving and analyzing digital evidence in compliance with legal and regulatory standards.
• Proficiency with forensic tools and techniques such as EnCase.
• Strong knowledge of threat intelligence platforms (TIPs) and their integration within SOC environments.
• Deep understanding of cyber threat frameworks such as MITRE ATT&CK Cyber Kill Chain and Diamond Model of Intrusion Analysis.
• Familiarity with OSINT techniques and commercial threat feeds for gathering intelligence.
• Knowledge of cybersecurity standards and regulations (ISO 27001 NESA PCI DSS SWIFT).
• Bachelors or Masters degree in engineering IT or a related technical discipline.
• Relevant certifications such as GCTI (GIAC Cyber Threat Intelligence) CTIA (Certified Threat Intelligence Analyst) CISSP CISM GCFA GREM EnCase Certified Examiner (ENCE).

Required Experience:

Manager

Role: Threat Intelligence Manager

Location: Abu Dhabi

Role Purpose:

• Reporting to the Head of Information Security Cyber Defense Operations the Threat Intelligence Manager will be responsible for leading and managing the threat intelligence function to identify collect analyze and report on potential and existing cyber threats.
• This role will focus on understanding the threat landscape developing proactive strategies and delivering intelligence-driven insights to protect ADIBs information assets and reputation.
• The Threat Intelligence Manager will collaborate closely with internal stakeholders and external intelligence communities to continuously enhance threat detection analysis and reporting capabilities.
• This role demands exceptional leadership skills strategic thinking and the ability to provide actionable intelligence to key decision-makers.

Key accountabilities of the role:

• Manage the Threat Intelligence function in alignment with ADIBs strategic objectives and risk management practices.
• Develop and manage a comprehensive Threat Intelligence program that proactively identifies analyzes and disseminates critical actional intelligence.
• Continuously improve intelligence-gathering techniques and methodologies to enhance detection and response capabilities.
• Foster a proactive approach to identifying new and emerging threats that could impact ADIBs business operations.
• Conduct threat profiling to identify and analyze threat actors their tactics techniques and procedures (TTPs).
• Perform malware analysis and reverse engineering to understand threat behavior and develop countermeasures.
• Conduct forensic investigations ensuring accurate collection preservation and analysis of digital evidence.
• Integrate threat intelligence outputs with SOC and incident response processes.
• Develop actionable intelligence products including reports briefs and presentations for technical and executive audiences.
• Maintain strong relationships with internal and external stakeholders including FS-ISAC and intelligence-sharing communities.
• Coordinate with SOC and Incident Response teams for joint threat mitigation efforts.
• Maintain the chain of custody and evidence integrity throughout the investigation lifecycle
• Generate forensic investigation reports presenting findings and recommended actions to management and stakeholders
• Work closely with SOC and Incident Response teams to investigate analyze and respond to cyber incidents.
• Lead the deployment and maintenance of Threat Intelligence Platforms (TIPs) to aggregate correlate and analyze threat data.
• Oversee third-party vendors and ensure their compliance with security standards.

Experience and skills / technical knowledge required for this role:

• 10 years of experience in threat intelligence and cyber threat analysis preferably within large financial institutions.
• Hands-on experience in malware analysis reverse engineering and digital forensics investigations.
• Experience in collecting preserving and analyzing digital evidence in compliance with legal and regulatory standards.
• Proficiency with forensic tools and techniques such as EnCase.
• Strong knowledge of threat intelligence platforms (TIPs) and their integration within SOC environments.
• Deep understanding of cyber threat frameworks such as MITRE ATT&CK Cyber Kill Chain and Diamond Model of Intrusion Analysis.
• Familiarity with OSINT techniques and commercial threat feeds for gathering intelligence.
• Knowledge of cybersecurity standards and regulations (ISO 27001 NESA PCI DSS SWIFT).
• Bachelors or Masters degree in engineering IT or a related technical discipline.
• Relevant certifications such as GCTI (GIAC Cyber Threat Intelligence) CTIA (Certified Threat Intelligence Analyst) CISSP CISM GCFA GREM EnCase Certified Examiner (ENCE).

Required Experience:

Manager

Job Summary:

We are seeking an experienced Cybersecurity Specialist to join our team. As a key member of our security operations, you will be responsible for managing and implementing enterprise-grade security solutions.

Main Responsibilities:

• Act as the primary point of contact for managed security control clients, providing expert guidance and support for in-scope technologies
• Implement and manage day-to-day firewall operations with a focus on Palo Alto and Fortinet technologies
• Monitor and analyze firewall logs to detect and resolve security incidents in a timely manner
• Execute operational tasks related to Global Load Balancers and Local Load Balancers for efficient traffic distribution
• Conduct regular audits of Web Application Firewalls (WAF) to ensure configurations align with operational needs
• Collaborate with internal teams and manage client relationships to integrate security measures seamlessly into their environments
• Provide hands-on support for troubleshooting, configuration adjustments, and optimization of security tools
• Stay informed about emerging cybersecurity threats and industry best practices to proactively address potential risks
• Develop and maintain comprehensive documentation related to security configurations, processes, and procedures
• Participate in the evaluation and selection of new security technologies and tools to enhance our managed services

Requirements:

• Bachelor's degree in computer science, information technology, or a related field
• Proven operational experience in firewall management using Palo Alto and Fortinet technologies
• Hands-on experience in load balancer operations, particularly with F5 technologies
• Relevant certifications such as PCNSE, NSE4, F5 Certifications are a plus
• Operational knowledge of server security solutions, including TrendMicro and OPSWAT
• Operational knowledge of host-based security solutions, including TrendMicro - Deep Security
• Operational knowledge of Azure Managed Defender & Microsoft Purview
• Expert and in-depth knowledge of complex IP networks
• Familiarity with operational aspects of cybersecurity best practices and industry standards
• Proficient in day-to-day operational tasks related to network security and infrastructure
• Excellent problem-solving skills with a focus on operational efficiency
• Strong communication and collaboration skills to work seamlessly with operational teams
• Ability to prioritize operational tasks in a fast-paced environment

About Us:

We offer a dynamic work environment that values innovation, teamwork, and customer satisfaction.

We are seeking a highly skilled and experienced MSS Threat Intelligence Lead who will be responsible for leading the threat intelligence and brand monitoring functions within our Managed Security Services (MSS) offering. This role is critical in providing proactive actionable intelligence to protect client environments and digital assets from emerging cyber threats. The individual will coordinate closely with key stakeholders including SOC teams, MSS Engineering, Service Delivery Managers (SDMs), Incident Response, Legal and Compliance teams to ensure that intelligence operations are aligned with client requirements and overall business objectives.

The role also involves overseeing threat intelligence collection, analysis, and dissemination as well as leading efforts in digital brand protection, threat actor tracking, and the integration of threat intelligence into operational security workflows.

• Develop and drive the threat intelligence vision, roadmap, and operational strategy across MSS services.
  
• Establish processes for proactive threat hunting, intelligence collection, analysis, and dissemination.
  
• Align threat intelligence practices with industry frameworks such as MITRE ATT&CK, NIST, and ISO 27001.
  

• Lead efforts to detect, analyze, and respond to digital threats targeting client brands (e.g., domain spoofing, phishing, impersonation, and social media abuse).
  
• Monitor dark web, surface web, and deep web sources for brand-related threats using threat intelligence and DRP platforms.
  
• Coordinate takedowns and legal escalations for fraudulent domains, fake profiles, and leaked sensitive data.
  

• Identify emerging threats, IOCs, and TTPs targeting key industries and clients.
  
• Analyze intelligence from OSINT, commercial feeds, industry ISACs, and proprietary MSS telemetry.
  
• Correlate threat data with internal incidents and SOC use cases to enhance detection capabilities.
  

• Deliver strategic, operational, and tactical intelligence reports for internal teams and MSS clients.
  
• Create weekly threat landscape updates, actor profiles, sector-specific threat advisories, and executive briefings.
  
• Establish and maintain intelligence dashboards and alerting mechanisms.
  

• Evaluate and optimize threat intelligence and brand protection platforms.
  
• Work with MSS Engineering to automate threat ingestion, enrichment, and correlation within SIEM and SOAR platforms.
  
• Ensure seamless integration of threat intelligence feeds into detection and response workflows.
  

• Identify intelligence gaps, process inefficiencies, and operational risks related to threat intelligence and brand monitoring.
  
• Establish governance for threat intel validation, classification, and dissemination policies.
  

• Support incident response teams with threat context, adversary attribution, and post-incident retrospectives.
  
• Incorporate lessons learned from incidents into threat models and operational procedures.
  
• Continuously improve threat intelligence operations based on client feedback, evolving threats, and internal audits.
  

8 years in threat intelligence, security operations, or digital risk protection with a focus on brand monitoring, threat analysis, and leadership of cyber intelligence functions.
Strong understanding of threat intelligence lifecycle, SIEM, SOAR, dark web monitoring, phishing detection, log analysis, and security frameworks (MITRE ATT&CK, NIST, ISO

Proven experience managing intelligence-driven initiatives using ITIL, Agile, or PMPaligned methodologies with a track record of cross-functional stakeholder coordination.

Ability to communicate complex threat intelligence concepts clearly to both technical analysts and non-technical executives, including delivering briefings, reports, and threat advisories.

Excellent analytical and investigative skills to identify emerging threats, detect anomalies, and drive proactive mitigation strategies.

Bachelor's degree in computer science, Information Security, or a related field.

Help AG is looking for a talented and enthusiastic individual to join as a Senior Threat Intelligence Specialist who will analyze, curate, and operationalize threat intelligence to enhance cyber defense strategies. This role focuses on integrating intelligence with security systems, providing actionable insights, and optimizing Threat Intelligence Platforms (TIPs) for maximum efficiency. The specialist will apply advanced expertise to stay ahead of evolving threats, ensuring that intelligence is effectively leveraged to improve organizational security posture. This high-impact position requires both technical acumen and strategic vision to continuously adapt to the dynamic threat landscape

Responsibilities

• Apply intelligence tradecraft techniques to gather, analyze, and disseminate actionable threat intelligence to support cybersecurity operations.

• Operate and manage Threat Intelligence Platforms (TIPs)for ingesting, enriching, and correlating threat data from multiple internal and external sources.

• Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.

• Produce timely and well-structured threat intelligence reports for both technical and non-technical stakeholders.

• Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.

• Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.

• Recommend improvements to threat intelligence workflows and data integration strategies.

• Maintain awareness of evolving threat actor TTPs (tactics, techniques, and procedures) through frameworks like MITRE ATT&CK.

• Monitor and manage threat intelligence artefacts and data hosted on one or more Threat Intelligence Platforms (TIPs).

• Tune and optimize TIPs as necessary, ensuring they remain effective for the detection and analysis of emerging threats.

• Develop and adhere to detailed processes and procedures for analyzing, escalating, and disseminating threat intelligence.

• Correlate threat intelligence using TIPs and other systems, focusing on prioritizing and increasing the relevance of the information to internal clients.

• Oversee the lifecycle of threat intelligence, ensuring it is properly categorized, stored, and updated throughout its lifespan.

• Respond promptly to inbound requests for technical assistance regarding threat intelligence-related queries or tasks.

• Address tickets and cases related to threat intelligence, incidents, and support, ensuring timely resolution within established SLAs.

• Document actions and findings clearly to communicate information effectively within the organization and to external clients.

• Review customer reports to ensure quality, accuracy, and relevance.

• Maintain a high level of awareness of both global and regional threat landscapes, including tracking threat actors, emerging tactics, techniques, and procedures (TTPs).

• Stay updated on geopolitical events and their impact on the security posture of the organization, particularly concerning critical infrastructure and national interests.

• Collaborate with other teams, including threat hunting, Global Security Operations Center (GSOC), and incident response teams, to provide timely and actionable intelligence.

• Participate in internal knowledge-sharing initiatives, including writing technical articles, guidelines, and SOPs for threat intelligence processes.

• Collect and analyze threat intelligence from a variety of sources such as OSINT (Open-Source Intelligence), threat feeds, IOCs (Indicators of Compromise), TTPs, and external advisories.

• Track and monitor relevant threat actors and geopolitical developments, using tools like the dark web and social media channels to gather intelligence.

• Proactively conduct investigations into potential threats, including analyzing incidents related to intellectual property or geopolitical events affecting the organization.

• Provide continuous updates through detailed reports and briefings for relevant stakeholders.

• Assist in creating and refining departmental manuals, guidelines, and standard operating procedures (SOPs) for incident management, security monitoring, and threat response.

Qualifications and Skills

• A Degree in computer science, information systems, electrical engineering or a closely related degree.

• Minimum 6-7 years of experience in Threat Intelligence.

• Strong knowledge and hands-on experience with Threat Intelligence Platforms (TIPs) such as MISP, ThreatConnect, Anomali, Recorded Future, etc.

• Familiarity with intelligence tradecraft methodologies (collection, analysis, validation, and dissemination of intelligence).

• Proficiency in conducting threat assessments and producing intelligence products tailored to different audiences (executive, technical, operational).

• Good understanding of threat actor profiling, TTPs, and frameworks such as MITRE ATT&CK, Diamond Model, and Kill Chain.

• Experience in working with or integrating feeds from OSINT, commercial, and dark web sources.

• An active, demonstrable interest in cyber security, cyber threat detection and cyber threat intelligence.

• Demonstrable experience analyzing and interpreting threat intelligence indicators, TTPs and threat actors.

• A solid understanding of IT systems and network security concepts.

• A sound knowledge of IT security best practices, common attack types and detection / prevention methods.

• Demonstrable experience of analyzing and interpreting system, security and application logs.

• Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.

• TCP/IP knowledge, networking and security product experience.

• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.

• Industry certifications such as GIAC Cyber Threat Intelligence (GCTI), CEH, CISSP, or Security+ are preferred.

• Exclusive focus and vast experience in IT.

• Strong analytical and problem-solving skills.

• A motivated, self-managed, individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure.

• Strong written and verbal skills.

• Strong interpersonal skills with the ability to collaborate well with others

  Benefits
  

• Health insurance with one of the leading global providers for medical insurance.

• Career progression and growth through challenging projects and work.

• Employee engagement and wellness campaigns activities throughout the year.

• Excellent learning and development opportunities.

• Inclusive and diverse working environment.

• Flexible/Hybrid working environment.

• Annual flight to home country.

• Open door policy.

About Us
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.

With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

#J-18808-Ljbffr

The ideal candidate will analyze, curate, and operationalize threat intelligence to enhance cyber defense strategies.

This high-impact position requires advanced expertise to stay ahead of evolving threats and effectively leverage intelligence for organizational security posture.

Key Responsibilities:

• Apply intelligence tradecraft techniques to gather, analyze, and disseminate actionable threat intelligence.
• Operate and manage Threat Intelligence Platforms (TIPs) for ingesting, enriching, and correlating threat data from multiple sources.
• Conduct detailed threat assessments to evaluate the relevance, credibility, and potential impact of threats on organizational assets and operations.
• Produce timely and well-structured threat intelligence reports for both technical and non-technical stakeholders.
• Collaborate with SOC, IR, and vulnerability management teams to operationalize threat intelligence in detecting and mitigating threats.
• Monitor open-source intelligence (OSINT), dark web, and commercial feeds to identify emerging threats and trends.
• Recommend improvements to threat intelligence workflows and data integration strategies.
• Maintain awareness of evolving threat actor TTPs through frameworks like MITRE ATT&CK.
• Oversee the lifecycle of threat intelligence, ensuring it is properly categorized, stored, and updated throughout its lifespan.
• Document actions and findings clearly to communicate information effectively within the organization and to external clients.