35 Cybersecurity Analysts jobs in Abu Dhabi

Conduct penetration testing and red teaming on systems networks applications and mobile platforms to identify vulnerabilities. Develop and use custom tools/scripts to automate testing and exploitation. Simulate advanced persistent threats (APTs) to assess security controls and incident response. Continuously discover catalog and monitor all assets for attack surface management (ASM). Perform vulnerability assessments using industry-standard tools (e.g. Qualys Nessus Nexpose) and methodologies. Prioritize and provide actionable remediation recommendations for identified vulnerabilities. Participate in patch management activities. Conduct threat modeling and risk assessments to uncover and prioritize potential attack vectors. Collaborate with incident response teams to contain and remediate security incidents. Provide technical guidance and expertise during incident response and crisis management. Stay updated on latest security threats trends and tools; adapt testing methodologies as needed. Participate in security research and develop new testing techniques/methodologies. Work with development teams to implement security patches and provide security guidance. Communicate complex technical findings to both technical and non-technical stakeholders. Develop and maintain detailed documentation and reports on testing results methodologies and remediation steps. Maintain accurate records of all security testing and assessment activities. Ensure compliance with relevant security certifications and regulatory requirements. Demonstrate strong programming skills (e.g. Python C Java) and knowledge of security tools (e.g. Nmap Burp Suite Metasploit). Work independently and collaboratively in a fast-paced environment managing multiple priorities and deadlines.

• Conduct penetration testing and red teaming on systems networks applications and mobile platforms to identify vulnerabilities.
• Develop and use custom tools/scripts to automate testing and exploitation.
• Simulate advanced persistent threats (APTs) to assess security controls and incident response.
• Continuously discover catalog and monitor all assets for attack surface management (ASM).
• Perform vulnerability assessments using industry-standard tools (e.g. Qualys Nessus Nexpose) and methodologies.
• Prioritize and provide actionable remediation recommendations for identified vulnerabilities.
• Participate in patch management activities.
• Conduct threat modeling and risk assessments to uncover and prioritize potential attack vectors.
• Collaborate with incident response teams to contain and remediate security incidents.
• Provide technical guidance and expertise during incident response and crisis management.
• Stay updated on latest security threats trends and tools; adapt testing methodologies as needed.
• Participate in security research and develop new testing techniques/methodologies.
• Work with development teams to implement security patches and provide security guidance.
• Communicate complex technical findings to both technical and non-technical stakeholders.
• Develop and maintain detailed documentation and reports on testing results methodologies and remediation steps.
• Maintain accurate records of all security testing and assessment activities.
• Ensure compliance with relevant security certifications and regulatory requirements.
• Demonstrate strong programming skills (e.g. Python C Java) and knowledge of security tools (e.g. Nmap Burp Suite Metasploit).
• Work independently and collaboratively in a fast-paced environment managing multiple priorities and deadlines.

• Strong programming skills (e.g. Python, C, Java).
• Knowledge of security tools (Nmap, Burp Suite, Metasploit).
• Ability to communicate complex technical findings to technical and non-technical stakeholders.
• Experience with incident response, crisis management, and patch management activities.

• Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
• Develop and execute custom tools and scripts to automate testing and exploitation processes.
• Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
• Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
• ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
• ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.
  
  

• Perform thorough vulnerability assessments to identify and prioritize security weaknesses.
• Utilize industry-standard tools such as Qualys, Nessus or Nexpose and methodologies to uncover vulnerabilities in various environments.
• Provide actionable recommendations for remediation and mitigation strategies.
• Patch management
  
  

• Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities
• Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities
• Provide recommendations for remediation and mitigation strategies
  
  

• Participate in security incident response and crisis management efforts as needed
• Collaborate with incident response teams to contain and remediate security incidents
• Provide technical expertise and guidance during incident response efforts
  
  

• Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly
• Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies
• Participate in security research and development efforts to identify and develop new testing techniques and methodologies
  
  

• Collaborate with development teams to implement security patches and fixes
• Provide technical guidance and support to development teams on security-related issues
• Communicate complex technical information to non-technical stakeholders in a clear and concise manner
  
  

• Develop and maintain detailed reports on findings, including vulnerability assessments, penetration testing results, and recommendations for remediation
• Document testing methodologies, tools, and results in a clear and concise manner
• Maintain accurate and up-to-date records of testing activities and results
  
  

• Bachelor's degree in Computer Science, Information Assurance, or a related field
• OSCP, CEH, or other relevant certifications
• 5+ years of experience in penetration testing, vulnerability assessment, or a related field
• Strong understanding of networking protocols, operating systems, and applications
• Proficiency in programming languages such as Python, C++, or Java
• Experience with penetration testing frameworks and tools such as Nmap, Nessus, Burp Suite, or Metasploit
• Strong analytical and problem-solving skills
• Excellent communication and reporting skills
• Ability to work independently and as part of a team
• Strong attention to detail and ability to maintain accurate records
• Ability to work in a fast-paced environment with tight deadlines
  
  

• Experience with cloud-based technologies and cloud security
• Familiarity with Agile development methodologies
• Strong understanding of compliance and regulatory requirements (e.g., GDPR, PCI-DSS)
• Experience with security orchestration, automation, and response (SOAR) tools
• Familiarity with threat intelligence and threat hunting
  
  

The Information Security Assistant Manager will be responsible for overseeing the information security and cybersecurity program, ensuring that objectives are met and reporting to top management annually.

Key responsibilities include developing and updating cybersecurity policies, rules, processes, and procedures in line with head office regulatory frameworks, as well as monitoring network activity for malicious activity and evaluating vulnerability reports and patches.

The role also involves coordinating security projects and tasks with the head office, ensuring all aspects of information security and cybersecurity are properly monitored.

• Ensure information security and cybersecurity objectives are defined and met.
• Develop and update cybersecurity policies, rules, processes, and procedures.
• Monitor network activity for malicious activity and evaluate vulnerability reports and patches.
• Coordinate security projects and tasks with the head office.

This critical role plays a pivotal part in safeguarding the organization's information assets and ensuring business continuity.

The Information Security Assistant Manager is responsible for overseeing the security posture of the organization, providing periodic reports to senior management, and implementing Cybersecurity policies, rules, processes, and procedures in line with regulatory frameworks.

Working closely with the Head Office, this role ensures that all aspects of information security and cybersecurity are properly monitored, and security projects and tasks are coordinated effectively.

The incumbent identifies and evaluates changes in local regulations and industry trends, such as new products, attacks, and countermeasures, to ensure applicability within the organization.

The role is also responsible for executing Business Continuity activities, including regular Business Impact Analysis, tests, and reporting, aligned with the Group model.

• Maintaining vigilance on vulnerability reports, vendor hot-fixes, and patches for deployed technologies
• Ensuring proper access control across all systems
• Developing and delivering Cybersecurity and Business Continuity Training Programs

Role: Business Support Senior Officer

Location: Abu Dhabi

Role Purpose:

• This position plays a vital role in driving business information security management reporting to the chief information security officer (CISO) as the primary point of contact internally and externally.
• The incumbent will hold a management role, responsible for managing information security changes and improvement initiatives.
• They will work closely with the CISO, all GISD leaders, Emiratization department in HR, and new joiners, as well as other GISD management teams, to follow up on GISD performance measures and assist in the delivery of information security cross-unit initiatives.
• In addition, this role will support information security management in coordinating initiatives between GISD and executive management stakeholders, other business functions departments, IBGs, and ADIB subsidiaries' central bank, and the UBF.

Key Accountabilities of the Role:

• Ensure full responsibility for emiratization projects and development within the GISD team and maintain a healthy ratio according to ADIB goals.
• Responsible for CISO office communication to external departments and subsidiaries.
• Ensure the follow-up action related to GISD staff strategy is tracked across GISD.
• Ensure maintenance of the CISO workbook for GISD leaders prioritization and tracking is done centrally.
• Ensure all recruitment and onboarding are executed timely.
• Ensure external relationship awareness and branding of GISD team is managed and consolidated in alignment with CISO strategy.
• Involved in day-to-day business functions, they coordinate and collaborate with various departments and team members in many organizational structures.
• Handle onboarding of new employees, orientation, and introductory training for new joiners.
• Help build initiatives and create a positive team culture through engagement and initiatives to foster diversity, inclusion, and team building.
• Collaborate with stakeholders to develop and deliver training programs on information security best practices.
• Collaborate with other heads and managers across the Group Information Security Department (GISD) and ADIB to assess their needs and gather inputs.
• Building relationships with GISD leadership teams to understand processes, procedures, and control.
• Promoting self-critical and continuous assessment and improvement cybersecurity culture (people, process, and technology) are brought to light and addressed in an effective, innovative, and timely manner.
• Support CISO with committee and board meeting requirements.
• Reconciles invoices and payment based on monthly spending.
• Work with GISD senior management and leadership team to scope and prioritize information security services.
• Work with the team to support and deliver information security events and activities, including security awareness programs, campaigns, team building.
• Coordinate with HR, Marketing Communication, and other business departments in planning, organizing, and enhancing cyber security branding.
• Act as the point of contact and communicate services status to internal participants and external stakeholders.

Key Responsibilities:

• Manage technical delivery of security services by managed security service providers.
• Serve as key point of contact for information security operational requests.
• Review supplier provided reports and ensure adherence to agreed SLAs.
• Ensure effectiveness of security services provided by managed services provider for detection, prevention, protection and remediation of security incidents.
• Enforce information security controls to meet Etihad security standards, policies and regulatory requirements by managed services provider.
• Provide support for information security investigation requests.
• Report status of information security situational awareness as requested.
• Ensure service provider applies security policies, requirements and controls to all supported platforms.
• Support security services providers to define and document security procedures and configurations.

Required Skills:

• Graduate degree in Computer Science or Management Information Systems.
• A minimum of 5+ years of experience in Cybersecurity.
• Deep knowledge and experience of security technologies and processes delivered in a Managed Security Services environment.
• Understanding of ISO27001, NIST, UAE Govt Cybersecurity standards and international regulations pertaining to Information Security and data privacy.
• Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
• Ability to manage execution of projects by security services providers and internal teams.
• Strong written and oral communication skills required.

We are seeking an experienced Information Security Specialist to join our team. As a key member of our organization, you will be responsible for handling support requests from our customers.

1. You will receive requests via email or calls and handle them according to our established support workflow.

1. Effective communication with customers on tickets, health checks, projects, and technical work is crucial.

1. You may need to work as a resident engineer at customer sites based on business requirements.

1. Proper use of tools, documentation of tickets, and follow-up on escalations meeting SLA are critical tasks.

1. Continuous learning through technical training and achieving certification is essential for career development.

1. You will also work on projects, POCs, and documentation.

1. Customer satisfaction, professionalism, accuracy, and high-quality work are our primary targets.

The Cyber Security Manager will be responsible for leading the organization's cyber and information security strategy, governance, risk management, and compliance initiatives across all business units.

This role ensures the effective implementation and continuous improvement of security controls, leveraging hands-on expertise in Azure cloud security, automation, scripting, and information security management systems.

The manager will drive certification efforts, oversee business continuity and disaster recovery readiness, and lead both internal and external audit engagements.

This position requires close collaboration with stakeholders to identify, track, and remediate risks, as well as to guide incident response and manage security committees focused on information security, business continuity, and key risks.

• Lead the development, implementation, and continuous improvement of the organization's cyber and information security strategy, policies, and procedures.
• Manage Azure cloud security operations, including hands-on use of native security tools, automation, and scripting to enhance security posture and efficiency.
• Develop and document security policies, standards, processes, and procedures.
• Establish and maintain an Information Security Management System (ISMS), achieving and maintaining relevant certifications.
• Oversee Business Continuity Management (BCM), including planning, conducting disaster recovery (DR) drills, and reviewing project readiness.
• Lead internal audit activities and manage external audit engagements, preparing responses and ensuring compliance with regulatory and industry standards.
• Maintain and update the risk register, collaborating with project teams to identify, track, remediate, and close security risks across business units.
• Develop and maintain an audit calendar to assess control effectiveness and ensure ongoing compliance.
• Lead security incident response efforts, guiding the team in responding to and managing incidents effectively.
• Chair and manage working committees focused on Information Security, Business Continuity, and Risk Management.
• Develop and implement risk remediation plans to address identified vulnerabilities and threats.
• Foster a culture of security awareness and continuous improvement throughout the organization.

• 10-15 years of progressive experience in cyber security and information security, with leadership in large-scale environments.
• Extensive hands-on experience with Azure cloud security native tools, automation, and scripting for security operations.
• Experience establishing and maintaining an ISMS and achieving relevant certifications.
• Experience in Business Continuity Management (BCM), including planning, DR drills, and project readiness reviews.
• Strong background in internal and external audit processes, including stakeholder communications.
• Expertise in risk management across business units and developing audit calendars to assess control effectiveness.
• Leadership in security incident response and crisis management.
• Experience running working committees focused on information security, business continuity, and risk management.
• Excellent stakeholder management and collaboration skills.
• Relevant certifications such as CISSP, CISM, ISO 42001 Lead Implementer, CRISC, or Azure Security Engineer are highly desirable.

A dynamic work environment with opportunities for growth and development.

Competitive salary and benefits package.

Recognition and rewards for outstanding performance.

A collaborative and supportive team environment.

Opportunities for professional development and career advancement.

A challenging and rewarding role that contributes to the success of the organization.

Submit your application, including your resume and cover letter, to apply for this exciting opportunity.

We look forward to hearing from you soon.

Abu Dhabi, United Arab Emirates | Posted on 08/18/2025

CyberGate Defense, an IHC company, is a leading force in cybersecurity innovation, dedicated to enhancing the digital resilience of organizations across the region. Established with the mission to fortify the region’s cybersecurity landscape, CyberGate harnesses extensive expertise to tackle complex information security and operational challenges.

Our commitment to driving progress is reflected in our broad range of cybersecurity services and solutions. By leveraging cutting-edge, disruptive technologies, we deliver transformative, human-centric security solutions that safeguard organizations and empower them to navigate a secure and dynamic digital future.

With a wealth of in-house knowledge, CyberGate Defense is well-equipped to address the most intricate cybersecurity issues. We strive to make digital transformation secure, accessible, and beneficial, ensuring that organizations throughout the region thrive in an increasingly interconnected digital world.

Job Description:

The Principal Information Security Consultant shall be the primary technical liaison between our clients and our internal security teams. In this critical role, the consultant will leverage their deep understanding of information security concepts and technical expertise to bridge the gap between client needs and the specialized teams, including Security Operations Center (SOC), Vulnerability Assessment and Penetration Testing (VAPT), Azure Security, and Governance, Risk, and Compliance (GRC). This is an individual contributor role with no direct reports or managerial responsibilities.

Key Responsibilities:

1. Act as the primary point of contact for clients, translating their information security requirements and concerns into actionable tasks for CyberGate's internal teams.
2. Provide expert guidance and consultation to clients on a wide range of information security topics, including threat landscapes, best practices, and emerging technologies.
3. Collaborate closely with SOC teams to understand incident response activities, provide client-facing updates, and help clients interpret security alerts and reports.
4. Work with VAPT teams to articulate client scope, interpret vulnerability reports, and advise clients on remediation strategies and prioritize findings.
5. Liaise with Azure security specialists to understand cloud security posture, discuss architecture, and provide recommendations to clients for securing their Azure environments.
6. Engage with GRC teams to ensure client compliance needs are met, assist in policy development, and help clients navigate regulatory frameworks.
7. Conduct technical deep-dives and provide high-level architectural insights to both clients and internal teams to facilitate effective security solutions.
8. Develop and deliver clear, concise, and technically accurate documentation, reports, and presentations for clients and internal stakeholders.
9. Stay up-to-date with the latest information security trends, vulnerabilities, and technologies to provide proactive and informed advice.

Qualifications:

• Extensive experience in information security, with a strong foundational understanding across various domains (e.g., network security, application security, cloud security, incident response, compliance).
• Demonstrable technical proficiency to effectively communicate and collaborate with specialized security teams (SOC, VAPT, Azure, GRC).
• Proven ability to translate complex technical information into understandable terms for both technical and non-technical audiences.
• Exceptional client-facing communication and interpersonal skills, with a track record of building strong client relationships.
• Strong analytical and problem-solving abilities, with a keen eye for detail.
• Ability to work independently and manage multiple client engagements simultaneously in a fast-paced environment.
• Relevant industry certifications (such as CISSP, CISM, CISA, CCSP) are highly desirable.

Education:

Bachelor’s degree in computer science, Information Security, or a related technical field. A master’s degree is a plus.