57 Incident Response jobs in the United Arab Emirates

Incident Response Manager

Abu Dhabi, Abu Dhabi ADIB Group

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description


Role: Incident Response Manager

Location: Abu Dhabi

Role purpose:

  • The Incident Response Manager will lead the Cyber Security Incident Response unit oversee its day-to-day operations and manage the SOC shifts.
  • This role requires collaboration with various internal teams and departments as well as external partners and cybersecurity agencies to ensure an effective and timely response to all security incidents.
  • The manager must demonstrate strong leadership skills encourage teamwork optimize team performance and develop incident response strategies.
  • Additionally this position demands hands-on expertise in handling complex L3 security incidents from detection to disposition including leveraging AI-driven threat detection and automated incident response tools.
  • The role also requires strong crisis management and stakeholder communication skills to effectively coordinate during high-impact security events.

Key accountabilities of the role:

Leadership and strategy:

  • Lead the Cyber Security Incident Response unit managing both the day-to-day operations and the strategic development of incident response capabilities.
  • Develop oversee and refine incident response plans playbooks and strategies to ensure rapid and effective response to security breaches.
  • Maintain and enhance information security monitoring processes tools and technologies driving continuous improvements and reducing gaps between current and ideal states.
  • Demonstrate adaptability and innovation to address evolving threat landscapes continuously enhancing the response approach.
  • Incident Management:
  • Directly handle L3 security incidents overseeing their detection analysis containment and resolution.
  • Supervise the staffs utilization of security monitoring tools and ensure high levels of team performance and engagement.
  • Coordinate with threat intelligence monitoring teams and other security functions to effectively communicate incident findings to leadership and relevant stakeholders.
  • Implement and maintain robust incident response frameworks including industry standards such as NIST MITRE ATT&CK and best practices for coordinated response efforts.
  • Prepare and present post-incident reports including lessons learned and recommendations for preventive measures to executive management.
  • Experience in crisis management and business continuity planning.

Operational efficiency:

  • Manage SOC shift schedules to ensure 24/7 coverage and effective resource utilization.
  • Provide detailed reports on incident investigations root cause analyses and mitigation strategies contributing to the organizations continuous improvement efforts.
  • Develop and track key performance metrics for incident management and response reporting outcomes to senior management.
  • Maintain strong relationships with internal and external stakeholders to support the incident problem and change management cycles.
  • Facilitate effective communication during incidents ensuring that stakeholders are informed of progress and resolution steps.

Specialist skills / technical knowledge required for this role:

  • Proven experience in managing security operations centers and incident response teams.
  • Demonstrated capability in hands-on management of L3 security incidents from detection through to disposition.
  • Strong leadership skills with the ability to motivate and guide teams.
  • Expertise in information security principles the cyber threat landscape and incident response protocols.
  • Excellent communication and interpersonal skills to interact with various business units and IT departments.
  • Knowledge of ISO 27001 NESA PCI DSS SWIFT and other information security standards and regulations.
  • Familiarity with incident response frameworks (NIST MITRE ATT&CK) and best practices in managing cybersecurity incidents.
  • Ability to manage multiple tasks with high attention to detail and organizational skills.
  • Bachelors degree in engineering IT or a related technical discipline.
  • Relevant certifications in cybersecurity and incident management (e.g. CISSP CISM GCFA GCIH).

Previous Experience:

  • More than 10 years of experience in information security particularly in incident management and response within banks or financial institutions.
  • Strong experience in monitoring and incident handling techniques and tools.
  • Experience managing a Computer Incident Response Team (CIRT) Computer Security Incident Response Center (CSIRC) or Security Operations Center (SOC).
  • Executive experience including management-level discussions.

Required Experience:

Manager

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Security Incident Response Manager

Dubai, Dubai beBeeIncident

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Job Summary:

We are seeking a seasoned Security Incident Response Manager to join our team. This key role will oversee the development and implementation of incident management policies and procedures, ensuring seamless communication with stakeholders.

Key Responsibilities:

  • Develop strategic direction for the incident management process, providing oversight and guidance to team members.
  • Lead coordination efforts for major security incidents, managing investigation, analysis, containment, recovery, communication, and reporting.
  • Mentor junior team members in incident response best practices and conduct post-incident reviews to identify lessons learned and implement improvements.
  • Stay up-to-date with industry standards and regulations, applying knowledge to enhance security measures.
  • Maintain effective communication channels with stakeholders, fostering trust and transparency.

Requirements:

  • 12+ years in information security with 6-8+ years in Security Incident Response experience.
  • Familiarity with advanced SOC monitoring technologies, risk, threat, and security measures.
  • Strong understanding of standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035, etc.

About Us:

This position offers a unique opportunity to contribute to the growth and success of our organization while advancing your career in security incident response.

This advertiser has chosen not to accept applicants from your region.

DLP & Incident Response Engineer

AED70000 - AED120000 Y Binance

Posted today

Job Viewed

Tap Again To Close

Job Description

Binance is a leading global blockchain ecosystem behind the world's largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

We're looking for a security engineer with hands-on experience in Data Loss Prevention (DLP) and incident response, ideally within fintech, crypto, or high-security environments. The role goes beyond using commercial tools you'll also design and build custom solutions, leverage automation, and adapt to emerging threats, including those driven by recent LLM/AI advancements.

Responsibilities
  • Design, deploy, and optimize DLP solutions across network, endpoint, and cloud.
  • Build and refine data classification schemes for sensitive assets (wallets, trading algorithms, customer PII).
  • Configure DLP policies to prevent data exfiltration while minimizing false positives.
  • Monitor, analyze, and tune alerts and incidents for continuous improvement.

  • Lead investigations of DLP incidents and insider threats,

  • Conduct threat hunting and forensic analysis of data exfiltration attempts.
  • Integrate DLP monitoring into broader SOC workflows and incident response playbooks.

  • Build custom DLP tools and integrations (e.g., macOS Swift endpoint protection, Unix socket monitoring).

  • Develop automation scripts, APIs, regexes and integrations to enhance detection and response.
  • Explore AI/LLM-driven methods for anomaly detection and response efficiency.

  • Ensure controls align with crypto and financial regulations (AML, KYC, GDPR, CCPA).

  • Support audits and regulatory reviews related to data protection.
  • Assess and mitigate data loss risks across trading platforms, onboarding systems, and blockchain infrastructure.
Requirements
  • 4+ years in a SOC or security operations role with incident response focus.
  • Proven experience with DLP design, deployment, and monitoring.
  • Strong programming skills (macOS Swift, Unix socket programming, scripting).
  • Hands-on threat hunting, forensic analysis, and APT detection experience.
  • Familiarity with SIEM, EDR, and cloud security architectures.
  • Knowledge of encryption, tokenization, and data classification methods.
Nice-to-have
  • 4+ years in a SOC or security operations role with incident response focus.
  • Proven experience with DLP design, deployment, and monitoring.
  • Strong programming skills (macOS Swift, Unix socket programming, scripting).
  • Hands-on threat hunting, forensic analysis, and APT detection experience.
  • Familiarity with SIEM, EDR, and cloud security architectures.
  • Knowledge of encryption, tokenization, and data classification methods.

Why Binance

  • Shape the future with the world's leading blockchain ecosystem
  • Collaborate with world-class talent in a user-centric global organization with a flat structure
  • Tackle unique, fast-paced projects with autonomy in an innovative environment
  • Thrive in a results-driven workplace with opportunities for career growth and continuous learning
  • Competitive salary and company benefits
  • Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice .

This advertiser has chosen not to accept applicants from your region.

Senior Incident Response Specialist

Fujairah, Fujairah beBeeCybersecurity

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Incident preparedness is a proactive approach to managing and responding to unexpected events.

Job Description

The Principal Consultant will lead and produce deliverables based on engagements that focus on proactive incident preparedness services. They will work with multiple customers and key stakeholders to manage and deliver engagements related to proactive incident preparedness.

Key Responsibilities
  • Lead proactive incident preparedness projects, including tabletop exercises, incident response plans, and response maturity assessments.
  • Review crisis management, incident response, business continuity, and disaster recovery plans.
  • Plan and deliver tabletop exercises, writing post-exercise reports for detailed analysis and recommendations.
  • Manage and contribute to incident preparedness and cyber security engagements from initial scoping through delivery.
This advertiser has chosen not to accept applicants from your region.

Cybersecurity Specialist - Incident Response

Dubai, Dubai beBeeCompliance

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Incident Response-SOC Lead Job Description

In this role, you will have the opportunity to work closely with our esteemed clients.

Job Overview:

  1. Incident Response Process Ownership: Detect, validate, contain, and communicate security events and incidents such as malware infections, potential compromise, DDoS , etc. Ensure appropriate tuning, correlation of critical logs, connection to incident response process, and reporting of relevant metrics.
  2. Security Incident and Event Management (SIEM) Strategy: Drive strategy for SIEM and oversee effectiveness of technology and process. Involve creation and maintenance of security operation playbooks with IT teams to effectively trigger and execute security incident response process.
  3. Logging and Monitoring Across Infrastructure & Applications: Manage current state of logging and monitoring, maintain vision of ideal state of logging and monitoring, and drive prioritized roadmap to reduce gaps.
  4. Internal / External Engagements: Act as SPOC for all escalated client communications and handle day-to-day operations of the Security Operations Centre reporting to SOC Manager.

Key Responsibilities:

logging, event management, steps validation, metrics, infrastructure strategy, security communication management

What We Offer:

We offer a dynamic and challenging work environment that fosters growth and development.

This advertiser has chosen not to accept applicants from your region.

Cybersecurity Incident Response Specialist

Dubai, Dubai beBeeIncidentResponse

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Job Description

We are seeking a highly skilled Incident Response Specialist to join our team. The ideal candidate will be responsible for rapidly addressing security incidents and threats, strategizing, and leading incident engagements with staff at all levels.

On the ground, you will monitor threats targeting our company and help prevent attacks from occurring or escalating. This is an excellent opportunity to leverage your expertise in cybersecurity to drive business outcomes.

Key Responsibilities:
  • Perform end-to-end handling of all critical, high, and medium cybersecurity incidents
  • Draft incident reports and communicate incident summaries to senior leadership, end users, and legal teams
  • Write playbooks for different types of cybersecurity incidents and use automation to reduce MTTR
  • Automate repetitive incident-response tasks using automation platforms and/or programming
  • Optimize existing security controls to fine-tune alerts and reduce false positives
  • Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats
  • Support legal and regulatory teams as a technical SME for cyber incidents with regulatory requirements
  • Evaluate new technologies and drive POCs for new security products

Note: You will be expected to leverage coding skills to develop and automate solutions that enhance detection and response capabilities.

Qualifications:
  • 5+ years in Cyber Security, specifically Incident Response, with 24/7 SOC experience
  • Strong understanding of NIST, CSF, MITRE, and other cybersecurity frameworks
  • Programming or scripting skills (e.g., Python, C++) for automating incident-response tasks and developing custom tools
  • Ability to write and tune detection rules across security platforms
  • Hands-on experience dealing with major security incidents
  • Automation proficiency using automation platforms or programming
  • Malware analysis and digital forensics experience is a plus
  • Relevant certifications (e.g., CISSP, ECSA, GISP, GCIH, GCFE, GCFA) are a plus
  • Excellent multitasking ability with adaptability and teamwork
  • Strong English communication skills (oral and written)
Benefits & Working Model:
  • Hybrid working model
  • WFH setup allowance
  • 30 days remote working from anywhere globally each year
  • Employee discounts for accommodations worldwide
  • Global team of 90+ nationalities, 40+ offices across 25+ countries
  • CSR/Volunteer time off, Benevity donation subscription, volunteering opportunities
  • Free Headspace, Odilo & Udemy subscriptions
  • Employee Assistance Program and enhanced parental leave
  • Life, total and accidental insurance
Equal Opportunity:

At our company, we are an equal opportunity employer and value diversity. Employment is based on merit and qualifications, without regard to sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, or other legally protected characteristics.

This advertiser has chosen not to accept applicants from your region.

Incident Response-SOC Lead

Dubai, Dubai Dautom

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

In this role, you will have the opportunity to work closely with one of our esteemed clients. This client is a global leader known for its commitment to quality and innovation. They have chosen Dautom as their trusted partner for their upcoming projects.

Job Description:

  1. Incident Response Process: Owns the critical process steps detection, validation, containment, and communication for security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), etc.
  2. Security Incident and Event Management (SIEM): Drives our strategy for SIEM and oversees the effectiveness of the technology and process. Involves appropriate tuning, correlation of critical logs, connection to our incident response process, and reporting of relevant metrics.
  3. Security Operations Playbooks: Create, maintain, and promote a set of security operation playbooks with Agilents IT teams to effectively trigger and execute the security incident response process.
  4. Logging and Monitoring Across Infrastructure & Applications: Manages the current state of logging and monitoring, maintains a vision of ideal state of logging and monitoring, and drives a prioritized roadmap to reduce the gaps.
  5. Internal / External Engagements: Act as a SPOC for all escalated client communications and handle the day-to-day operations of the Security Operations Centre reporting to the SOC Manager.
Required Skills:

Logging, Event Management, Steps Validation, Metrics, Infrastructure Strategy, Security Communication Management

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Incident response Jobs in United Arab Emirates !

Cyber Security Incident Response Manager

Dubai, Dubai beBeeIncident

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Job Overview:

The Cyber Defense Center is seeking a seasoned information security expert to lead its incident response team. This key role involves coordinating with various stakeholders, managing incident response processes, and ensuring timely and effective handling of security incidents.

Key responsibilities include:

  • Coordinating incident response efforts across multiple teams
  • Managing incident response processes and procedures
  • Investigating and analyzing security incidents
  • Containing and recovering from security breaches
  • Communicating incident response efforts to stakeholders
  • Reporting on incident response activities

The ideal candidate will possess strong leadership skills, excellent communication abilities, and a deep understanding of information security principles.

This advertiser has chosen not to accept applicants from your region.

Senior Cybersecurity Consultant - Incident Response

Umm Al Quwain, Umm al Qaywayn beBeeCybersecurity

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Job Overview

We are seeking a seasoned Incident Preparedness Lead to join our team. As an Incident Preparedness Lead, you will be responsible for leading proactive incident preparedness projects, including tabletop exercises, incident response plans, and response maturity assessments.

  • You will lead complicated engagements from initial scoping to delivery, interfacing with clients to ensure successful project outcomes.
  • You will review crisis management, incident response, business continuity, and disaster recovery plans, as well as other relevant documents.
  • You will plan and deliver tabletop exercises, writing post-exercise reports that provide detailed analysis and recommendations.
About the Role

This is a key leadership position in our team, requiring a strong background in incident preparedness and incident response consulting. If you have a passion for cybersecurity and excellent leadership skills, we encourage you to apply.

  • 8 years of experience in incident preparedness and/or incident response consulting required.
  • Experience leading and delivering complex engagements, including scoping and interfacing with clients.
  • Incident response consulting experience is necessary, while incident preparedness experience is essential.
  • Bachelor's degree in information security, computer science, cybersecurity, or a related field/equivalent experience or equivalent military experience is required.
Our Team

Our team at Palo Alto Networks' security advisory team focuses on creating a more secure digital world by providing high-quality incident response, risk management, and digital forensic services to clients of all sizes.

This advertiser has chosen not to accept applicants from your region.

Incident Response and Forensic Investigation Specialist

AED120000 - AED250000 Y Help AG, an e& enterprise company

Posted today

Job Viewed

Tap Again To Close

Job Description

Help AG is looking for a talented and experienced Incident Response and Forensic Investigation Specialist who will be responsible for off-site and on-site Incident Response activities and customer engagements, leveraging multiple security technologies, guiding and leading customers in the handling of Security Incidents and examining IT and security systems using best-practice digital forensic methods to detect, validate and mitigate IT security related incidents. He / She will join our Cyber Defence team within our Managed Security Services (MSS) business unit. If you have a strong knowledge and interest in incident response and/or digital forensics, this position might be the right one for you.

Responsibilities:

  • Lead incident response engagements in unknown environments until all threats are remediated.
  • Develop custom incident response plans tied to specific environments and customer situations.
  • Examinate and analyse logs/data from a broad variety of security technologies, such as Antiviruses, IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources.
  • Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.
  • Reverse engineer malicious software and develop signatures and indicators of compromise.
  • Actively develop incident response tools, scripts, and various detection content.
  • Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts.
  • Articulate and execute common Incident Response methods (e.g. SANS).
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Work on-site as required with clients during Live Security Incidents.
  • Maintain a high degree of awareness of the current threat landscape.
  • Champion excellence and support others in delivering it through active knowledge sharing with team members, writing technical articles for internal knowledge bases, blog posts and reports as required or requested.
  • Create and present customer reports to ensure quality, accuracy and value to the client.
  • Educate and train other Analysts in execution of Incident Response processes and forensic analysis techniques.
  • Perform other essential duties as assigned.

Qualifications & Skills:

  • A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree.
  • 7+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection.
  • At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents.
  • Strong background or equivalent experience in four of the following: Security Threat and Event Analysis, Network Security Operations or Engineering, Reverse Engineering, Malware Analysis, Windows/Linux/OSX Forensics, Penetration Testing, Active Directory and Azure Administration.
  • Demonstrate experience in handling Incident Response engagements (APTs and Ransomware) using the SANS Incident Response method (or similar).
  • CISSP, GCIA, GCIH, GCFA, GCFE, GREM, OSCP certification would be preferable.
  • Deep TCP/IP knowledge, networking and security product experience.
  • Strong knowledge of Red Team tactics and ability to find adversary traces on Enterprise scale.
  • Rapid development in scripting languages: Python/PowerShell /Bash.
  • A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
  • Demonstrable experience in accountability for and applying the methods of Incident Response, including adherence to process and direct engagement with stakeholders.
  • Demonstrable experience in analysing and interpreting system, security and application logs.
  • Broad knowledge of the type of events that Firewalls, IDS/IPS and other security related devices produce.
  • Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using custom tools and scripts.
  • Static reverse engineering and analysis of malware written in different languages (X86/X64/C/C#, Go, etc.), signatures and Yara/Snort/Sigma rules development.
  • Knowledge of attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.

Benefits:

  • Health insurance with one of the leading global providers for medical insurance.
  • Career progression and growth through challenging projects and work.
  • Employee engagement and wellness campaigns activities throughout the year.
  • Excellent learning and development opportunities.
  • Annual flight tickets.
  • Inclusive and diverse working environment.
  • Flexible/Hybrid working environment.
  • Open door policy.

About Us:
Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Incident Response Jobs