20 Penetration Tester jobs in Dubai

VULNERABILITY ANALYST / PENETRATION TESTER

Purpose

Own the end-to-end vulnerability management lifecycle across infrastructure, endpoints, and cloud. Coordinate remediation with IT/GRC, govern penetration testing (internal and third-party), and continuously reduce exploitable attack surface without disrupting delivery.

Key Responsibilities

• Discovery & Coverage: Maintain a complete, tagged asset inventory (servers, endpoints, network devices, cloud workloads, containers/k8s, SaaS). Ensure authenticated scans wherever feasible.
• Scanning & Tuning: Operate and tune vuln tooling (ManageEngine/Tenable/Qualys or similar). Integrate credential vaults, schedule scans by asset criticality, minimize scan impact on production.
• Risk-Based Prioritization: Triage with CVSS v3.1 + EPSS + KEV + exploit availability, internet exposure, and asset criticality. Escalate rapidly for external-facing criticals.
• Remediation & Change: Raise/track tickets in ITSM, align with patch/change windows, provide compensating controls when patching is not immediately possible.
• Validation & Retest: Re-scan and perform targeted verification (safe exploit/POC where appropriate). Close findings only on evidence-backed remediation.
• Exceptions & GRC: Document time-bound risk acceptances with business owners, map controls to NIST/CIS/ISO 27001 and relevant local regs, keep the exception register current.
• Reporting & Dashboards: Weekly ops reports, monthly exec dashboards (exposure by BU/technology, SLA compliance, trends, risk burndown, top KEV exposure).
• Own external perimeter monitoring (DNS, certificates, open ports, cloud object exposure, shadow IT). Drive takedown/closure of risky services and stale assets. Track "time-to-close" for external critical.

• Plan & Scope: Build the annual PT calendar (external, internal, cloud, wireless, AD, selected apps) with clear Rules of Engagement, success criteria, data handling, and rollback plans. Choose testing modality by risk and objective: Black-box, Gray-box, and White-box.
• Execute/Coordinate: Perform targeted tests in-house and manage third-party engagements. Ensure evidence, reproducibility, and clear remediation guidance.
• Standards & Methods: Apply NIST SP 800-115, PTES, OWASP Testing Guide/ASVS (with AppSec), and map to MITRE ATT&CK for detection-engineering feedback.
• Enterprise Network & Firewall - Aware Testing: Evaluate controls across NGFW/WAF/IDS/IPS, VPNs, segmentation (VLAN/VRF), egress filtering, DNS/security filtering, NAT, and cloud security groups/NACLs. Validate rulebase hygiene (shadowed rules, any-any, unused/overly permissive objects), attack surface exposure, and bypass paths, provide concrete policy/hardening recommendations.

• Assess cloud (PaaS and SaaS Applications) configurations against CIS Benchmarks and native CSPM findings, integrate container/IaC scanning for infra drift, coordinate with DevSecOps for pipeline gates.

• Enrich SIEM/XDR with vulnerability context for risk-weighted alerting. Partner with SOC to validate exploitability and to prioritize hardening based on active threats.

• Experience: 5+ years in Vulnerability Management and Penetration Testing across enterprise environments (on-prem + cloud).
• Tooling: Admin-level hands-on with ManageEngine/Tenable/Qualys/SentinelOne (or similar), familiarity with EASM tools, practical use of EPSS, CISA KEV, SBOM/CVE workflows.
• Testing: Proficiency with common PT tooling (e.g., Burp Suite, Nmap, Responder, BloodHound, Impacket, Kali), safe exploitation, and evidence capture.
• Platforms: Strong Windows/Linux, AD, network fundamentals, cloud security (Azure/AWS/GCP), containers/k8s basics.
• Scripting/Automation: Python, PowerShell, or Bash for data wrangling and workflow automation.
• Frameworks: Working knowledge of NIST CSF/ISO 27001/CIS Controls, OWASP Top 10, MITRE ATT&CK mapping.
• Soft Skills: Clear written reporting for exec and technical audiences, stakeholder management, ability to negotiate patch windows and drive closure.

• PT/Vuln: OSCP, eCPPT, GPEN, GXPN, PNPT, eJPT
• Cloud/Sec: AZ-500, AWS Security Specialty, GCSA

• Mid-Senior level

• Full-time

• Information Technology
• Industries: IT System Custom Software Development, Technology, Information and Media, and Computer and Network Security

We are seeking an experienced Penetration Tester to join our dynamic IT operations team in Ajman, UAE. In this critical role, you will be responsible for proactively identifying security vulnerabilities in our systems, networks, and applications before they can be exploited. Your expertise will help safeguard Dicetek's digital infrastructure and ensure the highest standards of cybersecurity across all platforms. This is an exciting opportunity to work with a forward-thinking team dedicated to building secure and resilient IT environments.

Perform regular penetration testing on web applications, networks, and systems.
Identify, exploit, and document vulnerabilities with precision and clarity.
Conduct risk assessments and security audits to evaluate existing security controls.
Simulate real-world attacks to test the robustness of current defense mechanisms.
Collaborate with the IT and development teams to remediate vulnerabilities and improve security posture.
Stay updated on the latest security threats, tools, and trends.
Prepare detailed reports and presentations on findings for both technical and non-technical stakeholders.
Ensure compliance with security frameworks and industry regulations.

Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
Minimum 6+ years of hands-on experience in penetration testing and vulnerability assessments.
In-depth knowledge of penetration testing methodologies, tools (e.g., Metasploit, Burp Suite, Nessus), and frameworks (e.g., OWASP, PTES).
Experience in ethical hacking, red teaming, and social engineering techniques.
Strong understanding of operating systems, networking protocols, and security architectures.
Relevant certifications such as OSCP, CEH, GPEN, or CISSP are highly desirable.
Excellent analytical, problem-solving, and communication skills.

At Dicetek LLC, we are a global IT solutions and services company committed to delivering technology-driven business innovations that empower enterprises across diverse industries. Headquartered in the UAE with a strong presence across the Middle East and Asia, Dicetek prides itself on its client-centric approach, deep domain expertise, and scalable delivery model. Our mission is to transform businesses by aligning cutting-edge technology with core organizational goals, while upholding values of integrity, innovation, and excellence.

Vulnerability Analyst/ Penetration Tester

Dubai, United Arab Emirates | Posted on 11/09/2025

IFZA Dubai is the most dynamic and truly international Free Zone Community in the UAE, optimizing the country's strategic location and world-class infrastructure. We provide easy, reliable, and fast company formation services through our network of Professional Partners and Government Authorities.

Purpose

Own the end-to-end vulnerability management lifecycle across infrastructure, endpoints, and cloud. Coordinate remediation with IT/GRC, govern penetration testing (internal and third-party), and continuously reduce exploitable attack surface without disrupting delivery.

Key Responsibilities

1) Vulnerability Management Lifecycle

• Discovery & Coverage: Maintain a complete, tagged asset inventory (servers, endpoints, network devices, cloud workloads, containers/k8s, SaaS). Ensure authenticated scans wherever feasible.
• Scanning & Tuning: Operate and tune vulnerability tooling (ManageEngine/Tenable/Qualys or similar). Integrate credential vaults, schedule scans by asset criticality, minimize scan impact on production.
• Risk-Based Prioritization: Triage with CVSSv3.1 + EPSS + KEV + exploit availability, internet exposure, and asset criticality. Escalate rapidly for external-facing criticals.
• Remediation & Change: Raise/track tickets in ITSM, align with patch/change windows, provide compensating controls when patching is not immediately possible.
• Validation & Retest: Re-scan and perform targeted verification (safe exploit/POC where appropriate). Close findings only on evidence-backed remediation.
• Exceptions & GRC: Document time-bound risk acceptances with business owners, map controls to NIST/CIS/ISO 27001 and relevant local regs, keep the exception register current.
• Reporting & Dashboards: Weekly ops reports, monthly exec dashboards (exposure by BU/technology, SLA compliance, trends, risk burndown, top KEV exposure).
• Own external perimeter monitoring (DNS, certificates, open ports, cloud object exposure, shadow IT). Drive takedown/closure of risky services and stale assets. Track “time-to-close” for external criticals.

3) Penetration Testing (Governance & Execution)

• Plan & Scope: Build the annual PT calendar (external, internal, cloud, wireless, AD, selected apps) with clear Rules of Engagement, success criteria, data handling, and rollback plans. Choose testing modality by risk and objective: Black-box, Gray-box, and White-box.
• Execute/Coordinate: Perform targeted tests in-house and manage third-party engagements. Ensure evidence, reproducibility, and clear remediation guidance.
• Standards & Methods: Apply NIST SP800-115, PTES, OWASP Testing Guide/ASVS (with AppSec), and map to MITRE ATT&CK for detection-engineering feedback.
• Enterprise Network & Firewall: AwareTesting: Evaluate controls across NGFW/WAF/IDS/IPS, VPNs, segmentation (VLAN/VRF), egress filtering, DNS/security filtering, NAT, and cloud security groups/NACLs. Validate rulebase hygiene (shadowed rules, any-any, unused/overly permissive objects), attack surface exposure, and bypass paths, provide concrete policy/hardening recommendations.

4) Cloud, Container & Modern Stack Coverage

• Assess cloud (PaaS and SaaS Applications) configurations against CIS Benchmarks and native CSPM findings, integrate container/IaC scanning for infra drift, coordinate with DevSecOps for pipeline gates.

5) SOC/Detection Integration

• Enrich SIEM/XDR with vulnerability context for risk-weighted alerting. Partner with SOC to validate exploitability and to prioritize hardening based on active threats.

• Experience: 5+ years in Vulnerability Management and Penetration Testing across enterprise environments (on-prem + cloud).
• Tooling: Admin-level hands-on with ManageEngine/Tenable/Qualys/SentinelOne (or similar), familiarity with EASM tools, practical use of EPSS, CISA KEV, SBOM/CVE workflows.
• Testing: Proficiency with common PT tooling (e.g., Burp Suite, Nmap, Responder, BloodHound, Impacket, Kali), safe exploitation, and evidence capture.
• Platforms: Strong Windows/Linux, AD, network fundamentals, cloud security (Azure/AWS/GCP), containers/k8s basics.
• Scripting/Automation: Python, PowerShell, or Bash for data wrangling and workflow automation.
• Frameworks: Working knowledge of NIST CSF/ISO27001/CIS Controls, OWASP Top 10, MITRE ATT&CK mapping.
• Soft Skills: Clear written reporting for exec and technical audiences, stakeholder management, ability to negotiate patch windows and drive closure.

As an employee of IFZA, you can expect:

• 24 working days as annual leave
• Annual flight home
• Life insurance plan
• Medical insurance plan (with the option to upgrade at your own cost)
• Access to exclusive Fazaa discounts (applicable in participating retail stores, food & beverage outlets, fitness clubs, cinemas, theme parks, clinics, and more)

Dubai, United Arab Emirates | Posted on 11/09/2025

IFZA Dubai is the most dynamic and truly international Free Zone Community in the UAE, optimizing the country's strategic location and world-class infrastructure. We provide easy, reliable, and fast company formation services through our network of Professional Partners and Government Authorities.

Purpose

Own the end-to-end vulnerability management lifecycle across infrastructure, endpoints, and cloud. Coordinate remediation with IT/GRC, govern penetration testing (internal and third-party), and continuously reduce exploitable attack surface without disrupting delivery.

Key Responsibilities

1) Vulnerability Management Lifecycle

• Discovery & Coverage: Maintain a complete, tagged asset inventory (servers, endpoints, network devices, cloud workloads, containers/k8s, SaaS). Ensure authenticated scans wherever feasible.
• Scanning & Tuning: Operate and tune vulnerability tooling (ManageEngine/Tenable/Qualys or similar). Integrate credential vaults, schedule scans by asset criticality, minimize scan impact on production.
• Risk-Based Prioritization: Triage with CVSSv3.1 + EPSS + KEV + exploit availability, internet exposure, and asset criticality. Escalate rapidly for external-facing criticals.
• Remediation & Change: Raise/track tickets in ITSM, align with patch/change windows, provide compensating controls when patching is not immediately possible.
• Validation & Retest: Re-scan and perform targeted verification (safe exploit/POC where appropriate). Close findings only on evidence-backed remediation.
• Exceptions & GRC: Document time-bound risk acceptances with business owners, map controls to NIST/CIS/ISO 27001 and relevant local regs, keep the exception register current.
• Reporting & Dashboards: Weekly ops reports, monthly exec dashboards (exposure by BU/technology, SLA compliance, trends, risk burndown, top KEV exposure).
• Own external perimeter monitoring (DNS, certificates, open ports, cloud object exposure, shadow IT). Drive takedown/closure of risky services and stale assets. Track "time-to-close" for external criticals.

3) Penetration Testing (Governance & Execution)

• Plan & Scope: Build the annual PT calendar (external, internal, cloud, wireless, AD, selected apps) with clear Rules of Engagement, success criteria, data handling, and rollback plans. Choose testing modality by risk and objective: Black-box, Gray-box, and White-box.
• Execute/Coordinate: Perform targeted tests in-house and manage third-party engagements. Ensure evidence, reproducibility, and clear remediation guidance.
• Standards & Methods: Apply NIST SP800-115, PTES, OWASP Testing Guide/ASVS (with AppSec), and map to MITRE ATT&CK for detection-engineering feedback.
• Enterprise Network & Firewall: AwareTesting: Evaluate controls across NGFW/WAF/IDS/IPS, VPNs, segmentation (VLAN/VRF), egress filtering, DNS/security filtering, NAT, and cloud security groups/NACLs. Validate rulebase hygiene (shadowed rules, any-any, unused/overly permissive objects), attack surface exposure, and bypass paths, provide concrete policy/hardening recommendations.

4) Cloud, Container & Modern Stack Coverage

• Assess cloud (PaaS and SaaS Applications) configurations against CIS Benchmarks and native CSPM findings, integrate container/IaC scanning for infra drift, coordinate with DevSecOps for pipeline gates.

5) SOC/Detection Integration

• Enrich SIEM/XDR with vulnerability context for risk-weighted alerting. Partner with SOC to validate exploitability and to prioritize hardening based on active threats.

• Experience: 5+ years in Vulnerability Management and Penetration Testing across enterprise environments (on-prem + cloud).
• Tooling: Admin-level hands-on with ManageEngine/Tenable/Qualys/SentinelOne (or similar), familiarity with EASM tools, practical use of EPSS, CISA KEV, SBOM/CVE workflows.
• Testing: Proficiency with common PT tooling (e.g., Burp Suite, Nmap, Responder, BloodHound, Impacket, Kali), safe exploitation, and evidence capture.
• Platforms: Strong Windows/Linux, AD, network fundamentals, cloud security (Azure/AWS/GCP), containers/k8s basics.
• Scripting/Automation: Python, PowerShell, or Bash for data wrangling and workflow automation.
• Frameworks: Working knowledge of NIST CSF/ISO27001/CIS Controls, OWASP Top 10, MITRE ATT&CK mapping.
• Soft Skills: Clear written reporting for exec and technical audiences, stakeholder management, ability to negotiate patch windows and drive closure.

As an employee of IFZA, you can expect:

• 24 working days as annual leave
• Annual flight home
• Life insurance plan
• Medical insurance plan (with the option to upgrade at your own cost)
• Access to exclusive Fazaa discounts (applicable in participating retail stores, food & beverage outlets, fitness clubs, cinemas, theme parks, clinics, and more)

Netsentries Application Security Engineers will perform code-aware security assessments, Threat Modeling, SAST, SCA, and Security Engineering reviews of enterprise Web/Mobile applications on different platforms developed in various programming languages.

Key Responsibilities:

• Perform Mobile/Web application security testing and source code reviews.
• Ensure the highest level of security compliance and best practices.

Required Experience & Skills:

• Minimum 3 years of hands-on experience in security testing.
• Proficiency in mobile application testing and source code review.
• Experience particularly within banking and financial sectors is advantageous.
• Excellent communication abilities, technical acumen, and a desire to learn.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Industry-relevant certifications like OSCP, OSCE etc. are required.

Other:

• Candidates should be technically sound and eager to learn new technologies.
• Immediate availability is preferred.

Penetration Testers/Offensive Security Consultants (Associate / Consultant / Senior / SME) at NetSentries get exciting opportunities to work with large enterprises across the globe to support them to meet their security assurance validation requirements. The role is part of the Service Delivery function, and we are seeking candidates with an achiever’s mindset seeking fast growth in the technology-centric work environment and ample exposure to the latest in the industry to meet challenging customer requirements.

PRIMARY RESPONSIBILITIES

The right candidate should have proficiency in conducting TWO or more of the below type of assessments.

• Perform intelligence-led security assessments on Internet-facing web applications
• Perform security assessments on internal/external software applications/services, including the services layer segments with REST/SOAP/GraphQL APIs, ESB, Middleware, or other channels.
• Perform penetration tests across public/private network infrastructure assets
• Perform code aware penetration testing and security assessment of the iOS/Android mobile applications
• Perform assessments of wireless networks and OT assets/components
• Perform security assessment of cloud environments (AWS/Azure/GCP/other) with automated tools, custom scripts, and configuration audits.
• Perform internal and external adversary emulations and AD red teaming.

ADDITIONAL RESPONSIBILITIES

• Develop testing scripts and procedures for comprehensive assessment requirements
• Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated, ad-hoc, and manual testing techniques.
• Compile executive and technical reports and make recommendations to findings in a responsive fashion.
• Conducts external and internal segmentation testing against client infrastructure.
• Develop penetration testing strategy and test cases for complex enterprise applications
• Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects.
• Thoroughly document exploit chain/proof of concept scenarios for client consumption.

REQUIREMENTS

• 3-6 years of relevant work experience.
• Based on experience and skill set, candidates will be considered for Associate Consultant, Consultant, Senior Consultant, or SME positions.
• Ability to work methodically, independently, and prioritize work
• Excellent communication skills (written & verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume the role of a trusted subject matter expert.
• Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, networks, and security infrastructure devices.
• Excellent up-to-date technical and hands-on knowledge and experience in current attack methods, penetration testing methods, and hacking tools, especially for web applications, are required.
• A Desire to learn and to share knowledge.
• Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25.
• Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan, Core Impact, and other relevant tools.
• Programming experience in Python, PHP, Perl, Ruby, NET, or other interpreted or compiled languages.
• Experience with reverse engineering, exploit development, and mobile and industrial control systems are a plus.
• OSCP/OSWE/OSEP/OSCE/CRTP or other security certifications are desirable
• Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude
• Willingness to travel extensively (domestic/international)

NetSentries is an Enterprise Cyber Security Assessor serving Global Banks and Forbes 2000 companies across four continents. We serve our customers by continuously identifying Cyber Risks and enabling Blue teams with Threat Informed Defensive capabilities to protect their organizations better.

LOCATION

Dubai, Abu Dabi - UAE

Penetration Testers/Offensive Security Consultants (Associate / Consultant / Senior / SME) at NetSentries get exciting opportunities to work with large enterprises across the globe to support them to meet their security assurance validation requirements. The role is part of the Service Delivery function, and we are seeking candidates with an achiever's mindset seeking fast growth in the technology-centric work environment and ample exposure to the latest in the industry to meet challenging customer requirements.

PRIMARY RESPONSIBILITIES

The right candidate should have proficiency in conducting TWO or more of the below type of assessments.

• Perform intelligence-led security assessments on Internet-facing web applications
• Perform security assessments on internal/external software applications/services, including the services layer segments with REST/SOAP/GraphQL APIs, ESB, Middleware, or other channels.
• Perform penetration tests across public/private network infrastructure assets
• Perform code aware penetration testing and security assessment of the iOS/Android mobile applications
• Perform assessments of wireless networks and OT assets/components
• Perform security assessment of cloud environments (AWS/Azure/GCP/other) with automated tools, custom scripts, and configuration audits.
• Perform internal and external adversary emulations and AD red teaming.

ADDITIONAL RESPONSIBILITIES

• Develop testing scripts and procedures for comprehensive assessment requirements
• Conducts penetration tests and vulnerability assessments against client infrastructure following a standard testing methodology using automated, ad-hoc, and manual testing techniques.
• Compile executive and technical reports and make recommendations to findings in a responsive fashion.
• Conducts external and internal segmentation testing against client infrastructure.
• Develop penetration testing strategy and test cases for complex enterprise applications
• Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects.
• Thoroughly document exploit chain/proof of concept scenarios for client consumption.

REQUIREMENTS

• 3-6 years of relevant work experience.
• Based on experience and skill set, candidates will be considered for Associate Consultant, Consultant, Senior Consultant, or SME positions.
• Ability to work methodically, independently, and prioritize work
• Excellent communication skills (written & verbal) in English, must be able to present complex technical topics in a clear and structured way, ability to moderate discussions, meetings, and projects. Being able to assume the role of a trusted subject matter expert.
• Strong technical knowledge in performing manual/ automated network security assessments using open-source and commercial security tools on various operating systems, applications, networks, and security infrastructure devices.
• Excellent up-to-date technical and hands-on knowledge and experience in current attack methods, penetration testing methods, and hacking tools, especially for web applications, are required.
• A Desire to learn and to share knowledge.
• Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25.
• Hands-on experience in Kali Linux, Metasploit, Nexpose, Nmap, Burp, Paros, Nessus, Appscan, Core Impact, and other relevant tools.
• Programming experience in Python, PHP, Perl, Ruby, NET, or other interpreted or compiled languages.
• Experience with reverse engineering, exploit development, and mobile and industrial control systems are a plus.
• OSCP/OSWE/OSEP/OSCE/CRTP or other security certifications are desirable
• Flexibility and adaptability to work in a growing, dynamic, international team with a strong customer-oriented attitude
• Willingness to travel extensively (domestic/international)

NetSentries is an Enterprise Cyber Security Assessor serving Global Banks and Forbes 2000 companies across four continents. We serve our customers by continuously identifying Cyber Risks and enabling Blue teams with Threat Informed Defensive capabilities to protect their organizations better.

LOCATION

Dubai, Abu Dabi - UAE

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.