52 Security Incidents jobs in the United Arab Emirates

• Handle and validate incidents/Alerts
• Receive and analyze Security alerts from various sources and determine possible causes of such alerts.
• Conduct recommended proactive response actions and predictive analysis of potential cybersecurity threats.
• Use SOC tools for continual monitoring and analysis of System/Network/Application activity to identify potential malicious activities.

Experience:

• Minimum 1 to 2 year experience working in a large-scale IT environment with focus on
  SIEM Solution. Preferably Splunk
  & ArcSight.
• High-level understanding of current security threats & challenges in mitigating those.
• Knowledge of security best practices and concepts.
• Knowledge of Windows and/or Unix-based systems/architectures and related security.
• Intermediate level of knowledge of LAN/WAN technologies.
• Must have a solid understanding of information technology and information security.

Characteristics:

• Flexibility to work all shifts on 24x7 basis and willingness to assist the team with overtime when needed.

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Senior Security Analyst

Date: 12 Sept 2025

Location: DUBAI, AE

Company: ENOC

Senior Security Analyst

The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct advance analysis’s for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming advance response assessment of the cyber security incident and escalate to Cyber Intelligence Center Manager as per approved policies, processes and procedures.

• Operational
  • Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
  • Manage the communication of policies & guidelines and monitor the compliance CIC operations to the cyber-security policies & guidelines.
  • Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour
  • Handle escalated incident from security analyst to conduct deep investigations.
  • Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
  • Conduct malware analysis using run-time analysis, comparative analysis, and reverse engineering tools
  • Conduct digital forensics and deep investigations and evidence handling in line with best practices
  • Preform threat hunting, discovery and exploration to identify threats that pass traditional detection tools.
  • Perform proactive research to identify and characterize new emerging threats, vulnerabilities, and risks.
  • Review and align priority, severity and classification of security incidents
  • Develop metrics, reporting and documentation on frequency, impact, and types of incidents.
  • Collaborate on the investigation of incidents, containment, remediation and root cause analysis
  • Collaborate and conduct research to design and implement new security technology, update existing strategies, improve process and create additional documentation.
  • Develop techniques and processes to identify anomalous behavioral patterns.
  • Collect contextual information and pursue technical root cause analysis & attack method analysis
  • Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
  • Advocate security best practices, strategy, architecture, and assist in security design consultations.
  • Apply strategic and tactical responses in challenging environments with heterogeneous systems.
  • Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
  • Participate in Development and implementation of new correlation rules and use-cases in SIEM and enhance the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with appropriate scripting knowledge skills
  • Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
  • Participate in closing identified security audit points.
  • Periodically report on IT security status, security systems efficiency, and recommended improvements to management.
  • Should be on-call 24 hours per day to respond to cyber security emergences

Education

• Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA

Experience

• 7+ years of Information security or technology experience.
• 4+ years in relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling
• Exposer to OT security operation center experience will be a pulse.

الهدف العام:

تولي المهام المتعلقة بتحليل ومطابقة البرامج والأنظمة التقنية في الدائرة مع متطلبات ومعايير أمن المعلومات المتبعة في حكومة دبي وسياسات الجودة المعتمدة بهذا الشأن وتحليل وحصر أي حالات مخالفة لهذه المعايير والمتطلبات ورفع التوصيات والمقترحات لمعالجتها بالتنسيق مع مختلف الأطراف المعنية

المهام والمسؤوليات الرئيسية:

• تحليل وتقييم تأثير المخاطر الأمنية على أية أنظمة أو تقنيات جديدة المراد تطبيقها بالدائرة بما في ذلك إجراء تقييم الثغرات واختبار الاختراق لجميع الأنظمة الداخلية والمتعلقة بالتدقيق والاختبار الأمني (SOC) ورفع التوصيات بشأن التعامل معها ومعالجتها وفق التوجهات المعتمدة وأفضل الممارسات
• تحليل البيانات والمعلومات المتواجدة داخل الأنظمة وقواعد البيانات لتحديد مجالات التطوير والتعديل المطلوب اتخاذها بهدف رفع وتحسين مستوى كفاءة أمن وحماية الأنظمة التقنية المطبقة لدى الدائرة
• تنفيذ خطط الحد من المخاطر المؤسسية المرتبطة بتطبيقات وأنظمة تقنية المعلومات ورفع التقارير اللازمة بشأنها لرئيس القسم بشكل دوري أو عند الطلب
• التواصل مع مركز دبي للأمن الإلكتروني بكل ما يتعلق بتطبيق البرامج والنظم التقنية المتعلقة بالأمن السيبراني ووفقاً للتوجهات المعتمدة بهذا الشأن وبما يضمن تطبيقها وفق المعايير المعتمدة بهذا الشأن
• تحليل ورصد ومتابعة حوادث الأمن السيبراني في الدائرة ورفع تقارير بشأنها إلى الرئيس المباشر
• اقتراح آليات ووسائل قابلة للتطبيق للحد من تأثير المخاطر الأمنية المرتبطة بأمن المعلومات ما أمكن والخاصة بالأنظمة التقنية لدائرة المالية التشغيلية ووفق أفضل الممارسات
• إعداد مسودة متطلبات نظم أمن المعلومات، وتقديم المقترحات بشأن آليات تطبيقها وتفعيلها بالدائرة بمختلف الوسائل المتاحة
• التدقيق على الصلاحيات الممنوحة للموظفين على الأنظمة والتقنيات المستخدمة بالدائرة ومدى توافقها مع سياسة أمن المعلومات ومسائل الخصوصية للموظفين وغيرهم من المستخدمين المخولين والموردين والموظفين المؤقتين ورفع التقارير الدورية بشأنها
• المشاركة في تطوير وتنفيذ البرامج والورش التدريبية المعنية بأمن معلومات التطبيقات البرامج والأنظمة التقنية بالدائرة والعمل على توعية مستخدميها وتدريبهم على استخدامها بالشكل المطلوب وفقاً لمعايير ومتطلبات أمن المعلومات.
• المتابعة المستمرة والاطلاع على ما يستجد في مجال العمل في مجال أمن معلومات التطبيقات والأنظمة التقنية وأمن المعلومات السيبراني، وتقديم المقترحات لتطوير إجراءات العمل.
• أية مهام أو واجبات أخرى تتعلق بطبيعة العمل حسب التكليف.

Qualifications

المؤهلات العلمية :

أ- الأساسية :

• بكالوريوس في أمن المعلومات/ تقنية المعلومات / أي تخصصات ذات علاقة

• 1- 3 سنوات خبرة لحملة البكالوريوس او ما يعادله في مجالات مشابهة

ب- الإضافية :

• شهادات مهنية متخصصة في مجال العمل أمن المعلومات وإدارة قواعد وأنظمة البيانات

• Minimum 1-to-2-year experience working in a large-scale IT environment with focus on
  SIEM Solution
  . Preferably
  Splunk
  & ArcSight.
• High-level understanding of current security threats & challenges in mitigating those.
• Knowledge of security best practices and concepts.
• Knowledge of Windows and/or Unix-based systems/architectures and related security.
• Intermediate level of knowledge of LAN/WAN technologies.
• Must have a solid understanding of information technology and information security.

Date Opened

08/19/2025

Job Type

Full time

Job Opening Status

In-progress

Work Experience

5+ years

Industry

Technology

Salary

12500

City

Abu Dhabi

State/Province

Abu Dhabi

Country

United Arab Emirates

Zip/Postal Code

51133

Raqmiyat is a UAE-based IT and digital transformation company specializing in consulting, staffing, and enterprise technology solutions. We empower banking, government, and enterprise clients across the Middle East to achieve their digital objectives.

Key Responsibilities:

Penetration Testing and Red Teaming:

• Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
• Develop and execute custom tools and scripts to automate testing and exploitation processes.
• Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
• Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
• ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
• ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.

Threat Modeling and Risk Assessment:

• Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities
• Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities
• Provide recommendations for remediation and mitigation strategies
  
  Incident Response and Crisis Management:
• Participate in security incident response and crisis management efforts as needed
• Collaborate with incident response teams to contain and remediate security incidents
• Provide technical expertise and guidance during incident response efforts
• Security Research and Development:
• Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly
• Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies
• Participate in security research and development efforts to identify and develop new testing techniques and methodologies

Antal Motor City is working with a rapidly expanding retail and e-commerce organisation in the UAE to appoint a Cybersecurity Analyst. The organisation is strengthening its information security function to support continued digital growth and ensure the protection of customer data, payment systems and core business platforms.

Role Overview

The Cybersecurity Analyst will be responsible for monitoring, assessing, and mitigating cyber risks across the organisation's retail and online operations. The successful candidate will play a key role in incident response, regulatory compliance and the implementation of security best practices in alignment with business objectives.

Key Responsibilities

• Monitor and analyse security events, escalating and responding to potential incidents promptly.
• Conduct vulnerability assessments, penetration tests and risk analysis across e-commerce systems.
• Enhance security infrastructure, including SIEM, firewalls, IDS/IPS and endpoint protection solutions.
• Ensure adherence to relevant regulatory and industry standards.
• Contribute to security awareness initiatives and staff training programmes.
• Collaborate with IT, operations and senior stakeholders to support the secure design and delivery of new digital platforms.

Candidate Profile

• Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related discipline.
• 3+years of experience in security operations, incident response, or related areas.
• Strong understanding of payment security, cloud environments, and threat management.
• Practical experience with security monitoring tools and vulnerability management platforms.
• Professional certifications (e.g., CEH, CISSP, CompTIA Security+) are highly advantageous.

What is Offered

• The opportunity to join a forward-looking retail and e-commerce organisation with significant growth ambitions.
• Ongoing professional development, including training and certification support.
• Competitive salary and benefits package.

We request that only candidates who meet the requirements and qualifications stated in the job description apply. We will only consider applicants with the required background and skill set. Your resume will be included in our global talent pool.

We take the protection of your personal information very seriously and strictly adhere to Privacy Policies. By submitting your application, you grant Motor City Dubai Office written consent to keep your resume in our system.

We appreciate your interest in working with us.

Thank you for applying.

Key Responsibilities:

Penetration Testing and Red Teaming:

• Conduct comprehensive penetration testing and red teaming exercises on systems, networks, applications and mobile to identify vulnerabilities and potential entry points for attackers.
• Develop and execute custom tools and scripts to automate testing and exploitation processes.
• Analyze and report on findings, providing detailed explanations of vulnerabilities and recommended remediation steps.
• Simulate advanced persistent threats (APTs) to test the resilience of security controls and incident response capabilities.
• ASM: Continuously discover and catalog all assets, including hardware, software, and network components.
• ASM: Monitor the attack surface for changes and potential vulnerabilities, using automated tools and manual assessments.

Threat Modeling and Risk Assessment:

• Conduct threat modeling and risk assessments to identify potential attack vectors and vulnerabilities
• Develop and maintain a comprehensive understanding of our systems, networks, and applications to identify potential vulnerabilities
• Provide recommendations for remediation and mitigation strategiesIncident Response and Crisis Management:
• Participate in security incident response and crisis management efforts as needed
• Collaborate with incident response teams to contain and remediate security incidents
• Provide technical expertise and guidance during incident response efforts
• Security Research and Development:
• Stay up-to-date with the latest security threats and trends, and adapt testing methodologies accordingly
• Develop and maintain a comprehensive knowledge of industry-leading security tools and technologies
• Participate in security research and development efforts to identify and develop new testing techniques and methodologies

We're Hiring: IT Security Analyst (IT/OT Security & Compliance Analyst)

Location: Qatar | Industry: Oil & Gas

Contract: 3 Years (Extendable)

Salary Package: QAR 20,000 / Month (Full Package)

Key Responsibilities:

• Conduct vulnerability scans, penetration tests, and document findings with mitigation strategies.
• Configure IDS/IPS, EDR, and IAM solutions.
• Support teams in applying patches, anti-malware strategies, and security safeguards.
• Implement security controls, frameworks, and compliance programs aligned with Qatar's CSF and NIA policies.
• Evaluate risks, manage incidents, vulnerability assessments, and penetration testing.
• Define and document security process responsibilities in GRC tools.

Qualifications & Experience:

• Bachelor's in IT/Computer Science or related field.
• Certifications: OSCP, OSCE, CompTIA Security+, Blue Team, ISO 27001 ISMS, ISA 62443.
• Minimum 5 years' cybersecurity experience (Oil & Gas preferred).
• Strong knowledge of IT/OT systems, networks, cloud security, auditing, compliance, and incident response.
• Excellent problem-solving, communication, and analytical skills.

Job Type: Full-time

Pay: AED19, AED20,000.00 per month

Application Question(s):

• Do you hold any relevant cybersecurity certifications (e.g., OSCP, OSCE, CompTIA Security+, ISO 27001 ISMS, ISA 62443)? Please specify.
• How many years of professional experience do you have in cybersecurity?
• Do you have experience in the Oil & Gas sector?
• What is your notice period/availability to join?
• What is your expected monthly salary in QAR (full package)?
• Do you have experience with IT/OT security compliance frameworks such as Qatar's CSF or NIA Policy?