96 Ethical Hacking jobs in the United Arab Emirates

International Free Zone Authority | IFZA

Bachelor of Technology/Engineering(Computers)

Nationality

Any Nationality

Vacancy

1 Vacancy

Job Description

Job Description

Job Overview:
The Information Security Analyst will be responsible for protecting IFZA's information systems by identifying, assessing, and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.
Main Responsibilities:

• Threat Monitoring and Incident Response:
  

• Monitor network traffic and security alerts for potential threats using SIEM tools (e.g., Microsoft Sentinel).
  

• Investigate and respond to security incidents, including malware infections, phishing attacks, and unauthorized access.
  

• Conduct root cause analysis and document incident reports with remediation recommendations.
  

• Risk Assessment and Vulnerability Management:
  

• Perform regular vulnerability scans and penetration testing to identify weaknesses in systems and applications.
  

• Collaborate with IT teams to prioritize and remediate vulnerabilities.
  

• Conduct risk assessments to evaluate potential security threats and recommend mitigation strategies.
  

• Security Policy and Compliance:
  

• Implement, and enforce security policies, procedures, and standards in alignment with frameworks such as NIST, ISO 27001, or GDPR.
  

• Ensure compliance with regulatory requirements and industry s best practices.
  

• Assist in preparing for and responding to internal and external audits.
  

• Security Awareness and Training:
  

• Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
  

• Create and distribute educational materials on emerging cyber threats.
  

• System and Network Security:
  

• Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
  

• Implement and monitor encryption, authentication, and access control mechanisms.
  

• Threat Intelligence and Research:
  

• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
  

• Analyze threat intelligence reports and apply findings to enhance organizational security posture.
  

• Bachelor s in Engineering, Computer Science, or related field.
  
• 8+ years of experience in Information Security.
  
• Minimum 3 + years hands-on experience in SOC, blue-team, or security engineering roles.
  
• Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management, Compromised recovery, patch management and vulnerability management platform.
  
• Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
  
• Scripting for automation (Python, Bash, or PowerShell).
  
• Familiarity with MITRE ATTACK mapping and threat-hunting methodology.
  
• CompTIA Security+, CEH, GRC, CCNA or CCNP - Security.
  
• Analytical mindset with strong investigation and documentation discipline.
  
• Clear verbal/written communication for incident briefings and executive reports.
  
• Ability to multitask and stay calm under pressure.
  
• Experience with Zero Trust architecture projects.
  
• Knowledge of privacy regulations (GDPR, HIPAA, PDPA).
  
• Exposure to DevSecOps.
  

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

International Free Zone Authority | IFZA

Dubai, United Arab Emirates | Posted on 16/06/2025

IFZA Dubai is the most dynamic and truly international Free Zone Community in the UAE, optimizing the country's strategic location and world-class infrastructure. We provide easy, reliable, and fast company formation services through our network of Professional Partners and Government Authorities.

Job Overview:

The Information Security Analyst will be responsible for protecting IFZA's information systems by identifying, assessing, and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.

Main Responsibilities:

• Threat Monitoring and Incident Response :
• Monitor network traffic and security alerts for potential threats using SIEM tools (e.g., Microsoft Sentinel).
• Investigate and respond to security incidents, including malware infections, phishing attacks, and unauthorized access.
• Conduct root cause analysis and document incident reports with remediation recommendations.
• Risk Assessment and Vulnerability Management :
• Perform regular vulnerability scans and penetration testing to identify weaknesses in systems and applications.
• Collaborate with IT teams to prioritize and remediate vulnerabilities.
• Conduct risk assessments to evaluate potential security threats and recommend mitigation strategies.
• Security Policy and Compliance :
• Implement, and enforce security policies, procedures, and standards in alignment with frameworks such as NIST, ISO 27001, or GDPR.
• Ensure compliance with regulatory requirements and industry’s best practices.
• Assist in preparing for and responding to internal and external audits.
• Security Awareness and Training :
• Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
• Create and distribute educational materials on emerging cyber threats.
• System and Network Security :
• Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
• Implement and monitor encryption, authentication, and access control mechanisms.
• Threat Intelligence and Research :
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Analyze threat intelligence reports and apply findings to enhance organizational security posture.

• Bachelor’s in Engineering , Computer Science, or related field.
• 8+ years of experience in Information Security.
• Minimum 3 + years hands-on experience in SOC, blue-team, or security engineering roles.
• Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management, Compromised recovery, patch management and vulnerability management platform .
• Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
• Scripting for automation (Python, Bash, or PowerShell).
• Familiarity with MITRE ATTACK mapping and threat-hunting methodology.
• CompTIA Security+, CEH, GRC, CCNA or CCNP - Security.
• Analytical mindset with strong investigation and documentation discipline.
• Clear verbal/written communication for incident briefings and executive reports.
• Ability to multitask and stay calm under pressure.
• Experience with Zero Trust architecture projects.
• Knowledge of privacy regulations (GDPR, HIPAA, PDPA).
• Exposure to DevSecOps .
  
• International team (over 60 nationalities)
  
• 24 working days as annual leave
  
• Annual flight home
  
• Life insurance plan
  
• Medical insurance plan (with the option to upgrade at your own cost)
  

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Login for faster access to the best deals. Click here if you don't have an account.

Interview Questions for Information Security Analyst roles often focus on key areas like risk management, network security, incident response, and vulnerability assessment. Candidates may be asked about common security tools, threat detection techniques, encryption methods, and how they would handle real-world security incidents. Preparing for these questions helps build confidence and demonstrates the technical knowledge and problem-solving skills required for a successful career in information security.

Login for faster access to the best deals. Click here if you don't have an account.

Interview Questions for Information Security Analyst roles often focus on key areas like risk management, network security, incident response, and vulnerability assessment. Candidates may be asked about common security tools, threat detection techniques, encryption methods, and how they would handle real-world security incidents. Preparing for these questions helps build confidence and demonstrates the technical knowledge and problem-solving skills required for a successful career in information security.

Join to apply for the Risk & Quality - Information Security Analyst- Associate - UAE role at PwC Middle East Enterprise Solutions

Established in the region for 40 years, PwC has around 12,000 people in 12 countries across the region: Bahrain, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Oman, the Palestinian territories, Qatar, Saudi Arabia and the United Arab Emirates.

Our regional team operates across the Middle East bringing international experience delivered within the context of the region and its culture. We leverage the collective knowledge of over 370,000 people across the global PwC network in advisory, assurance, and tax to help you find value.

PwC is transforming information and cyber security by establishing a centralized security services model across the member firm network. The Network Information Security (NIS) team manages this initiative, from defining security strategies to executing the global Cyber Readiness Program, transitioning from local to global services.

The mission is to identify, control, and reduce the attack surface while increasing adversaries’ costs of attack. NIS is structured into pillars including Information Security Risk and Compliance, CISO, Security Architecture, Cyber Security Services, Strategy and Alliances, and Chief of Staff. The CISO pillar works closely with stakeholders to understand their business models and align security roadmaps, managing relationships and driving engagement.

• Manage relationships across PwC member firms
• Map existing services to NIS service catalog
• Define and execute roadmaps for service integration
• Provide consultancy and support for service adoption and compliance

• High school diploma or G.E.D. (required); Undergraduate degree in Information Technology or related field (preferred)
• 1-3 years of experience in information security, IT management, or program management

• Knowledge of security technology and principles
• Ability to manage multi-function relationships and navigate matrix organizations
• Strong communication skills to collaborate with technical and non-technical stakeholders

• Travel: 0%
• Work Visa Sponsorship: Yes
• Government Clearance: Yes

Bachelor of Technology/Engineering(Information technology), MBA/PG Diploma in Business Mgmt

Nationality

Any

Vacancy

1 Vacancy

Job Description

1. ICS Governance

•Develop, maintain, and update the Information Security Management System (ISMS) and Business Continuity Management System (BCMS) frameworks.

•Define and maintain corporate security policies, procedures, standards, and guidelines.

•Coordinate annual and quarterly management reviews, risk assessments, and policy updates.

•Drive employee security awareness and compliance training programs.

•Perform vendor/third-party risk assessments and due diligence reviews.

•Ensure risk management practices are embedded in key business processes.

2. Compliance Management

•Lead certification, surveillance, and re-certification audits for:

ISO 27001 (Information Security Management)

ISO 22301 (Business Continuity Management)

PCI DSS v4.0.1 (Payment Card Industry Data Security Standard)

SOC 2 Type 2 (Service Organization Controls)

UAE IAR (Information Assurance Regulation)

GDPR (General Data Protection Regulation)

•Manage documentation of controls, policies, procedures, and evidence collection for audits.

•Maintain and track compliance obligations and ensure ongoing alignment.

Internal

3. Audit Management

•Serve as the primary point of contact for external and internal audits.

•Coordinate audit scoping, planning, evidence gathering, responses, and closure of audit findings.

•Perform internal readiness reviews ahead of external audits and attestations.

•Work closely with the Data Protection Officer (DPO) to operationalize privacy obligations under UAE DPL and GDPR.

•Ensure processes are in place for:

-Data subject rights requests (DSAR)

-Data protection impact assessments (DPIA)

•Interface with UAE regulatory bodies as needed for compliance reporting and certifications.

Desired Candidate Profile

•5–7 years of progressive experience in ICS GRC, compliance, and audit functions.

•Hands-on experience leading certification and compliance initiatives across PCI DSS, ISO 27001, ISO 22301, SOC 2 Type 2, GDPR, UAE IAR, and UAE DPL.

•Strong understanding of security, privacy, and business continuity frameworks.

•Familiarity with cloud compliance (AWS, Azure) and SaaS environments.

•Excellent project management, analytical, communication, and stakeholder management skills.

Preferred Certifications

•Certified Information Security Manager (CISM)

•Certified Information Privacy Professional (CIPP/E or equivalent)

•Certified Business Continuity Professional (CBCP) is an advantage

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Confidential

Job Title: Cyber Security Analyst – Emiratization Initiative

Department: Security Operations Center (SOC)

Experience Level: Senior (6+ years)

Job Type: Full-Time

Job Summary

We are seeking an experienced Senior Cyber Security Analyst to join our Security Operations Center (SOC) as part of our Emiratization Initiative. This role is critical for monitoring, detecting, analyzing, and responding to cybersecurity threats across our enterprise environment. The ideal candidate has deep operational experience in cybersecurity, particularly in incident response and threat analysis.

Key Responsibilities

• Monitor and triage security alerts from SIEM, IDS/IPS, and EDR tools to detect and validate threats.
• Investigate suspicious activity by analyzing logs, network traffic, and endpoint data.
• Lead incident response efforts, including containment, eradication, and recovery.
• Conduct threat hunting and leverage threat intelligence and analytics tools.
• Analyze results from vulnerability scans and support remediation planning.
• Provide recommendations for improving security controls and incident response playbooks.
• Create detailed incident reports for both technical and executive stakeholders.
• Mentor junior analysts and collaborate with IT, network, and security teams.

Required Skills & Experience

• Minimum 6 years of cybersecurity experience, with a strong focus in SOC operations or incident response.
• Proficiency in tools and platforms such as SIEM (e.g., Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne), IDS/IPS.
• Strong skills in incident handling, digital forensics, and log analysis.
• Expertise in Windows and Linux systems, network protocols, and attack methodologies.
• Hands-on experience with MITRE ATT&CK, threat intelligence platforms, and behavioral analytics.
• Scripting abilities in Python, PowerShell, or Bash for automation or investigation.
• Excellent written and verbal communication skills.

Preferred Certifications

• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GCIA)
• CompTIA CySA+ or EC-Council Certified SOC Analyst (CSA)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP)

This role is part of our commitment to supporting national development goals through the Emiratization Initiative.

Note: Due to the high volume of applications, only shortlisted candidates will be contacted.

• Seniority levelMid-Senior level

• Employment typeFull-time

• Job functionConsulting
• IndustriesInformation Services

Referrals increase your chances of interviewing at Confidential by 2x

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 21 hours ago

Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 5 days ago

Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi Emirate, United Arab Emirates 3 days ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates AED18,000.00-AED21,000.00 3 months ago

Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 8 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 7 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 3 months ago

Abu Dhabi Emirate, United Arab Emirates 3 weeks ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 year ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 2 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 6 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 7 months ago

Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 day ago

Abu Dhabi Emirate, United Arab Emirates 2 weeks ago

Al Ain, Abu Dhabi Emirate, United Arab Emirates 2 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 3 days ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 2 months ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 1 month ago

Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates 2 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.