20 Security Incidents jobs in Dubai

Help AG is looking for a talented and enthusiastic Security Analyst who will have a strong knowledge and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

• 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
• 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

• Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
• Correlate and analyze events using the Splunk/Log Rhythm/Qradar SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Review customer reports to ensure quality and accuracy.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedures.
• Maintain a high degree of awareness of the current threat landscape.
• Participate in knowledge sharing with other analysts and writing technical articles for Internal Knowledge Bases.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

• A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs.
• Knowledge of the type of events that both Firewalls, IDS/IPS, and other security-related devices produce.
• Experience in using SIEM tools such as Splunk, Log Rhythm, Qradar, Alien Vault, NitroSecurity, etc.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Strong analytical and problem-solving skills.
• A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
• Very good communication skills.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Arabic is preferred.

Benefits

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement and wellness campaigns activities throughout the year.
• Excellent learning and development opportunities.
• Inclusive and diverse working environment.
• Flexible/Hybrid working environment.
• Annual flight tickets to home country.
• Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Senior Security Analyst

Date: 12 Sept 2025

Location: DUBAI, AE

Company: ENOC

Senior Security Analyst

The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct advance analysis’s for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming advance response assessment of the cyber security incident and escalate to Cyber Intelligence Center Manager as per approved policies, processes and procedures.

• Operational
  • Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
  • Manage the communication of policies & guidelines and monitor the compliance CIC operations to the cyber-security policies & guidelines.
  • Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour
  • Handle escalated incident from security analyst to conduct deep investigations.
  • Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
  • Conduct malware analysis using run-time analysis, comparative analysis, and reverse engineering tools
  • Conduct digital forensics and deep investigations and evidence handling in line with best practices
  • Preform threat hunting, discovery and exploration to identify threats that pass traditional detection tools.
  • Perform proactive research to identify and characterize new emerging threats, vulnerabilities, and risks.
  • Review and align priority, severity and classification of security incidents
  • Develop metrics, reporting and documentation on frequency, impact, and types of incidents.
  • Collaborate on the investigation of incidents, containment, remediation and root cause analysis
  • Collaborate and conduct research to design and implement new security technology, update existing strategies, improve process and create additional documentation.
  • Develop techniques and processes to identify anomalous behavioral patterns.
  • Collect contextual information and pursue technical root cause analysis & attack method analysis
  • Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
  • Advocate security best practices, strategy, architecture, and assist in security design consultations.
  • Apply strategic and tactical responses in challenging environments with heterogeneous systems.
  • Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
  • Participate in Development and implementation of new correlation rules and use-cases in SIEM and enhance the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with appropriate scripting knowledge skills
  • Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
  • Participate in closing identified security audit points.
  • Periodically report on IT security status, security systems efficiency, and recommended improvements to management.
  • Should be on-call 24 hours per day to respond to cyber security emergences

Education

• Degree: Bachelor’s degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA

Experience

• 7+ years of Information security or technology experience.
• 4+ years in relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling
• Exposer to OT security operation center experience will be a pulse.

Date: 12 Sept 2025

Location: DUBAI, AE

Company: ENOC

Senior Security Analyst

The primary function of this role is to monitor the ENOC environment on 24*7 basis and conduct advance analysis's for events to identify any cyber security threats or attacks on ENOC IT/OT assets. In addition to preforming advance response assessment of the cyber security incident and escalate to Cyber Intelligence Center Manager as per approved policies, processes and procedures.

• Operational
  • Follow response procedures and other CIC related SOPs based on the incident impact analysis & predetermined response actions procedures
  • Manage the communication of policies & guidelines and monitor the compliance CIC operations to the cyber-security policies & guidelines.
  • Work closely with security analysts to get direct feedback about new, unknown suspicious behaviour
  • Handle escalated incident from security analyst to conduct deep investigations.
  • Gain knowledge of existing policies, standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of ENOC information assets
  • Conduct malware analysis using run-time analysis, comparative analysis, and reverse engineering tools
  • Conduct digital forensics and deep investigations and evidence handling in line with best practices
  • Preform threat hunting, discovery and exploration to identify threats that pass traditional detection tools.
  • Perform proactive research to identify and characterize new emerging threats, vulnerabilities, and risks.
  • Review and align priority, severity and classification of security incidents
  • Develop metrics, reporting and documentation on frequency, impact, and types of incidents.
  • Collaborate on the investigation of incidents, containment, remediation and root cause analysis
  • Collaborate and conduct research to design and implement new security technology, update existing strategies, improve process and create additional documentation.
  • Develop techniques and processes to identify anomalous behavioral patterns.
  • Collect contextual information and pursue technical root cause analysis & attack method analysis
  • Identify gaps, take ownership of tasks and become a contributor to projects related to CIC as needed.
  • Advocate security best practices, strategy, architecture, and assist in security design consultations.
  • Apply strategic and tactical responses in challenging environments with heterogeneous systems.
  • Provide functional support and content development and improvements for the SIEM and other security technologies used by CIC.
  • Participate in Development and implementation of new correlation rules and use-cases in SIEM and enhance the monitoring and detection capabilities of the CIC to integrate SIEM with other monitoring tools with appropriate scripting knowledge skills
  • Coordinate with internal and external stakeholders to handle cyber incidents as per approved SOPs and management directions
  • Participate in closing identified security audit points.
  • Periodically report on IT security status, security systems efficiency, and recommended improvements to management.
  • Should be on-call 24 hours per day to respond to cyber security emergences

Education

• Degree: Bachelor's degree in Computer Science, Engineering or Business field or equivalent, Diploma with additional relevant experience.
• Required professional certifications: Professional certificate such as CISSP, GCTI , GCFA, GNFA

Experience

• 7+ years of Information security or technology experience.
• 4+ years in relevant experience.
• Working experience in multiple industries (e.g. Energy, Utilities, Retail, Government…) is preferable.
• Working experience in cyber security threats monitoring and handling
• Exposer to OT security operation center experience will be a pulse.

We are seeking a highly skilled cyber security and data analytics professional to join our team. The ideal candidate will have a strong foundation in cybersecurity, data science, or related fields, and be able to analyze large datasets to identify trends, risks, and opportunities.

The successful candidate will be responsible for conducting thorough risk assessments and supporting the development of robust security strategies, policies, and frameworks. Additionally, they will be expected to develop actionable insights through data analysis and visualization.

Key skills required for this role include:

• Bachelor's or master's degree in Cybersecurity, IT, Computer Science, Data Science, or related fields.
• 0-1 year of experience in cybersecurity, data analytics, or technology consulting (internships welcome).
• Certifications such as CISSP, CISM, CISA, or CRISC are advantageous.
• Knowledge of standards like ISO 27001, NIST, PCI DSS, and UAE NESA.
• Proficiency in Excel and familiarity with analytics tools (Python, R, SQL, Power BI, Tableau) is a plus.

About This Role

This is an exciting opportunity for a motivated individual to contribute to the growth and success of our organization. As a cyber security and data analytics professional, you will play a key role in ensuring the security and integrity of our systems and data.

What We Offer

In addition to a competitive salary, we offer a range of benefits including professional development opportunities, flexible working arrangements, and a supportive team environment.

Join to apply for the Senior/Staff Application Security Analyst (Bangkok based, relocation provided) role at Agoda

Overview
The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. This role offers the opportunity to work with cutting-edge technology in a dynamic and advanced environment, focusing on application security across Agoda's environment.

• Identify, analyze, and remediate vulnerabilities across the environment.
• Hands-on penetration testing and vulnerability management to ensure secure and resilient systems.
• Develop security automation tools to implement solutions at scale.
• Triage security findings from multiple tools and coordinate with hundreds of teams to remediate within the defined SLA.
• Conduct security assessments through code reviews, vulnerability assessments, penetration testing, and risk analysis.
• Research the negative effects of vulnerabilities and adjust security controls for future prevention.
• Identify potential threats to protect the organization from malicious actors, including Vulnerability Management, Bug Bounty Program, and Penetration Testing.
• Develop security trainings for developers.
• Collaborate with the DevSecOps team to integrate tools into CI/CD and fine-tune rules and precision.

• 5+ years in information security.
• 5+ years of experience with penetration testing (Web, Infra, Mobile, APIs, etc.) and vulnerability management.
• Minimum 1 year of experience running a bug bounty platform.
• Minimum 2 years of experience with public/private cloud environments (e.g., OpenShift, Rancher, Kubernetes, AWS, GCP, Azure).
• Experience performing security testing (code review and web application security testing).
• Familiarity with GitLab, DefectDojo, JIRA, Confluence.
• Proficient in one or more programming languages (Python, Go, Node.js, etc.).
• Familiar with analytics platforms and databases (GraphQL, REST APIs, PostgreSQL, MSSQL, Kafka, Hadoop, S3, etc.).
• Strong knowledge of security assessment tools (Nessus, Acunetix, and similar platforms) and fuzzers.

• Knowledge in container image security, dependency checking, fuzzing, and license scanning.
• Familiarity with security incident response processes and zero-days.
• Security certifications.
• Relocation package is provided for relocating to Bangkok, Thailand.
• Hybrid working model; WFH setup allowance; 30 days remote work from anywhere globally each year.
• Employee discounts for accommodation globally; global team of 90+ nationalities; 40+ offices and 25+ countries.
• Annual CSR / Volunteer time off; Benevity subscription for employee donations; volunteering opportunities globally.
• Free Headspace, Odilo & Udemy subscriptions; access to Employee Assistance Program.
• Enhanced parental leave; life, TPD & accident insurance.

Equal Opportunity Employer We are an equal opportunity employer and value diversity. We encourage applications from candidates of all backgrounds and experiences.

Disclaimer: We do not accept unsolicited third-party submissions. We reserve the right to hire directly if we receive unsolicited CVs.

Senior/Staff Application Security Analyst (Bangkok based, relocation provided) role at Agoda.

Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of hotels, holiday properties, flights, activities, and more. Based in Asia and part of Booking Holdings, our employees foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.

• As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient.
• Develop Security Automation Tools to implement solutions at scale.
• Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA.
• Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis.
• Research the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention.
• Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing.
• Be responsible for developing Security Trainings for developers.
• Work with the DevSecOps team in the integration of tools into CI/CD, as well as fine-tune the rules and precision.

• 5+ years in the information security field
• 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management
• Minimum 1 year of experience running a bug bounty platform
• Minimum 2 years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.)
• Experience performing security testing, e.g. code review and web application security testing.
• Familiarity with Gitlab, Defectdojo, JIRA, Confluence.
• Proficient in one or more programming languages such as Python, Go, Node.js, Python etc.
• Familiar with analytics platforms and databases such as GraphQL, REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc.
• Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers.

• Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning
• Familiarity with security incident response processes and 0-days
• Security Certifications
• Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are.
• Hybrid Working Model
• WFH Set Up Allowance
• 30 Days of Remote Working from anywhere globally every year
• Employee discount for accommodation globally
• Global team of 90+ nationalities
• 40+ offices and 25+ countries
• Annual CSR / Volunteer Time off
• Benevity Subscription for employee donations
• Volunteering opportunities globally
• Free Headspace subscription
• Free Odilo & Udemy subscriptions
• Access to Employee Assistance Program (third party for personal and workplace support)
• Enhanced Parental Leave
• Life, TPD & Accident Insurance

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person's merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.

We do not accept any terms or conditions, nor do we recognize any agency's representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

In this role, you will have the opportunity to work closely with our esteemed clients.

Job Overview:

1. Incident Response Process Ownership: Detect, validate, contain, and communicate security events and incidents such as malware infections, potential compromise, DDoS , etc. Ensure appropriate tuning, correlation of critical logs, connection to incident response process, and reporting of relevant metrics.
2. Security Incident and Event Management (SIEM) Strategy: Drive strategy for SIEM and oversee effectiveness of technology and process. Involve creation and maintenance of security operation playbooks with IT teams to effectively trigger and execute security incident response process.
3. Logging and Monitoring Across Infrastructure & Applications: Manage current state of logging and monitoring, maintain vision of ideal state of logging and monitoring, and drive prioritized roadmap to reduce gaps.
4. Internal / External Engagements: Act as SPOC for all escalated client communications and handle day-to-day operations of the Security Operations Centre reporting to SOC Manager.

Key Responsibilities:

logging, event management, steps validation, metrics, infrastructure strategy, security communication management

What We Offer:

We offer a dynamic and challenging work environment that fosters growth and development.

We are seeking a highly skilled Incident Response Specialist to join our team. The ideal candidate will be responsible for rapidly addressing security incidents and threats, strategizing, and leading incident engagements with staff at all levels.

On the ground, you will monitor threats targeting our company and help prevent attacks from occurring or escalating. This is an excellent opportunity to leverage your expertise in cybersecurity to drive business outcomes.

• Perform end-to-end handling of all critical, high, and medium cybersecurity incidents
• Draft incident reports and communicate incident summaries to senior leadership, end users, and legal teams
• Write playbooks for different types of cybersecurity incidents and use automation to reduce MTTR
• Automate repetitive incident-response tasks using automation platforms and/or programming
• Optimize existing security controls to fine-tune alerts and reduce false positives
• Gather open source and commercial threat intelligence and perform hunting across the enterprise for undetected threats
• Support legal and regulatory teams as a technical SME for cyber incidents with regulatory requirements
• Evaluate new technologies and drive POCs for new security products

Note: You will be expected to leverage coding skills to develop and automate solutions that enhance detection and response capabilities.

• 5+ years in Cyber Security, specifically Incident Response, with 24/7 SOC experience
• Strong understanding of NIST, CSF, MITRE, and other cybersecurity frameworks
• Programming or scripting skills (e.g., Python, C++) for automating incident-response tasks and developing custom tools
• Ability to write and tune detection rules across security platforms
• Hands-on experience dealing with major security incidents
• Automation proficiency using automation platforms or programming
• Malware analysis and digital forensics experience is a plus
• Relevant certifications (e.g., CISSP, ECSA, GISP, GCIH, GCFE, GCFA) are a plus
• Excellent multitasking ability with adaptability and teamwork
• Strong English communication skills (oral and written)

• Hybrid working model
• WFH setup allowance
• 30 days remote working from anywhere globally each year
• Employee discounts for accommodations worldwide
• Global team of 90+ nationalities, 40+ offices across 25+ countries
• CSR/Volunteer time off, Benevity donation subscription, volunteering opportunities
• Free Headspace, Odilo & Udemy subscriptions
• Employee Assistance Program and enhanced parental leave
• Life, total and accidental insurance

At our company, we are an equal opportunity employer and value diversity. Employment is based on merit and qualifications, without regard to sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, or other legally protected characteristics.

Job Summary:

We are seeking a seasoned Security Incident Response Manager to join our team. This key role will oversee the development and implementation of incident management policies and procedures, ensuring seamless communication with stakeholders.

Key Responsibilities:

• Develop strategic direction for the incident management process, providing oversight and guidance to team members.
• Lead coordination efforts for major security incidents, managing investigation, analysis, containment, recovery, communication, and reporting.
• Mentor junior team members in incident response best practices and conduct post-incident reviews to identify lessons learned and implement improvements.
• Stay up-to-date with industry standards and regulations, applying knowledge to enhance security measures.
• Maintain effective communication channels with stakeholders, fostering trust and transparency.

Requirements:

• 12+ years in information security with 6-8+ years in Security Incident Response experience.
• Familiarity with advanced SOC monitoring technologies, risk, threat, and security measures.
• Strong understanding of standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035, etc.

About Us:

This position offers a unique opportunity to contribute to the growth and success of our organization while advancing your career in security incident response.