Cybersecurity Threat Management Leader

Dubai, Dubai beBeeInformationSecurity

Posted today

Job Description

Job Opportunity:

We are seeking an experienced Information Security professional to lead our Vulnerability Assessment and Pentest initiatives.

  • Main Responsibilities:
    • Develop and execute comprehensive vulnerability assessments and penetration tests
    • Oversee the entire process from identifying vulnerabilities to implementing remediation recommendations
  • Professional Qualifications:
    • Bachelor's degree in computer science, Network/Cyber Security, or related field
    • Platform-specific certifications (e.g., SIEM, Networking, Operating System)
    • Security certifications (e.g., SANS, ISC2, CEH, CISSP, CISM, CISO)
  • Technical Skills:
    • Experience in quality assurance in Vulnerability Assessment and Pentest
    • Skills to verify scripts and test cases before execution for various types of VAPT (application, internal, external, WiFi, etc.)
  • Work Experience:
    • 7-10 years' experience in Information Security or related field
    • Strong operations knowledge with banking background and hands-on experience in implementing and managing IS applications (EDR, SIEM, DLP) with network-related experience

Security Analyst

Dubai, Dubai Help AG

Posted today

Job Description

Help AG is looking for a talented and enthusiastic Security Analyst with strong knowledge of and interest in network security. The Security Analyst will be responsible for monitoring multiple security technologies and events using the Security Information and Event Management (SIEM) tool in order to detect and identify IT security related incidents.

This role requires:

  • 2-4 years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, or firewall administration.
  • 2-4 years of experience in one of the following: Network operations or engineering or system administration on Unix, Linux, Windows.

Responsibilities

  • Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of critical information security incidents.
  • Correlate and analyze events using the Splunk/LogRhythm/QRadar SIEM tool to detect IT security incidents.
  • Conduct analysis of log files, including forensic analysis of system resource access.
  • Review customer reports to ensure quality and accuracy.
  • Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Respond in a timely manner (within documented SLA) to support, threat, and other cases.
  • Document actions in cases to effectively communicate information internally and to customers.
  • Resolve problems independently and understand escalation procedures.
  • Maintain a high degree of awareness of the current threat landscape.
  • Participate in knowledge sharing with other analysts and write technical articles for internal knowledge bases.
  • Perform other essential duties as assigned.
  • Able to work in rotating shifts within a 24/7 operating environment.

Qualifications & Skills

  • A Degree in Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
  • An active interest in internet security, incident detection, network and systems security.
  • A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
  • Demonstrable experience of analyzing and interpreting system, security, and application logs.
  • Knowledge of the types of events that firewalls, IDS/IPS, and other security-related devices produce.
  • Experience in using SIEM tools such as Splunk, LogRhythm, QRadar, AlienVault, NitroSecurity, etc.
  • TCP/IP knowledge, networking, and security product experience.
  • Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks.
  • Knowledge of possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc., and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • CCNA, CISSP, GCA, GCIA, GCIH, CEH certification would be preferable.
  • Outstanding organizational skills.
  • Exclusive focus and vast experience in IT.
  • Strong analytical and problem-solving skills.
  • A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers even under pressure.
  • Very good communication skills.
  • Strong written and verbal skills.
  • Strong interpersonal skills with the ability to collaborate well with others.
  • Ability to speak and write in English is required; Arabic is preferred.

Benefits

  • Health insurance with one of the leading global providers for medical insurance.
  • Career progression and growth through challenging projects and work.
  • Employee engagement and wellness campaign activities throughout the year.
  • Excellent learning and development opportunities.
  • Inclusive and diverse working environment.
  • Flexible/Hybrid working environment.
  • Annual flight tickets to home country.
  • Open door policy.

About Us

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity. With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams, and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.


Information Security Analyst

Dubai, Dubai International Free Zone Authority

Posted today

Job Description

Dubai, United Arab Emirates | Posted on 16/06/2025

IFZA Dubai is the most dynamic and truly international Free Zone Community in the UAE, optimizing the country's strategic location and world-class infrastructure. We provide easy, reliable, and fast company formation services through our network of Professional Partners and Government Authorities.

Job Overview:

The Information Security Analyst will be responsible for protecting IFZA's information systems by identifying, assessing, and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.

Main Responsibilities:

  • Threat Monitoring and Incident Response:
    • Monitor network traffic and security alerts for potential threats using SIEM tools (e.g., Microsoft Sentinel).
    • Investigate and respond to security incidents, including malware infections, phishing attacks, and unauthorized access.
    • Conduct root cause analysis and document incident reports with remediation recommendations.
  • Risk Assessment and Vulnerability Management:
    • Perform regular vulnerability scans and penetration testing to identify weaknesses in systems and applications.
    • Collaborate with IT teams to prioritize and remediate vulnerabilities.
    • Conduct risk assessments to evaluate potential security threats and recommend mitigation strategies.
  • Security Policy and Compliance:
    • Implement and enforce security policies, procedures, and standards in alignment with frameworks such as NIST, ISO 27001, or GDPR.
    • Ensure compliance with regulatory requirements and industry best practices.
    • Assist in preparing for and responding to internal and external audits.
  • Security Awareness and Training:
    • Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
    • Create and distribute educational materials on emerging cyber threats.
  • System and Network Security:
    • Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
    • Implement and monitor encryption, authentication, and access control mechanisms.
  • Threat Intelligence and Research:
    • Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
    • Analyze threat intelligence reports and apply findings to enhance organizational security posture.

Requirements

  • Bachelor's in Engineering, Computer Science, or related field.
  • 8+ years of experience in Information Security.
  • Minimum 3+ years hands-on experience in SOC, blue-team, or security engineering roles.
  • Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management, Compromised recovery, patch management and vulnerability management platform.
  • Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
  • Scripting for automation (Python, Bash, or PowerShell).
  • Familiarity with MITRE ATT&CK mapping and threat-hunting methodology.
  • CompTIA Security+, CEH, GRC, CCNA or CCNP - Security.
  • Analytical mindset with strong investigation and documentation discipline.
  • Clear verbal/written communication for incident briefings and executive reports.
  • Ability to multitask and stay calm under pressure.
  • Experience with Zero Trust architecture projects.
  • Knowledge of privacy regulations (GDPR, HIPAA, PDPA).
  • Exposure to DevSecOps.

Benefits

  • International team (over 60 nationalities)
  • 24 working days as annual leave
  • Annual flight home
  • Life insurance plan
  • Medical insurance plan (with the option to upgrade at your own cost)

Information Security Analyst

Dubai, Dubai International Free Zone Authority | IFZA

Posted today

Job Description

Job Overview:
The Information Security Analyst will be responsible for protecting IFZA's information systems by identifying, assessing, and mitigating security risks. This role involves monitoring, analyzing, and responding to security incidents, implementing security measures, and ensuring compliance with industry standards and regulations. The ideal candidate is proactive, detail-oriented, and possesses strong technical and analytical skills.

Main Responsibilities:

  • Threat Monitoring and Incident Response:
    • Monitor network traffic and security alerts for potential threats using SIEM tools (e.g., Microsoft Sentinel).
    • Investigate and respond to security incidents, including malware infections, phishing attacks, and unauthorized access.
    • Conduct root cause analysis and document incident reports with remediation recommendations.
  • Risk Assessment and Vulnerability Management:
    • Perform regular vulnerability scans and penetration testing to identify weaknesses in systems and applications.
    • Collaborate with IT teams to prioritize and remediate vulnerabilities.
    • Conduct risk assessments to evaluate potential security threats and recommend mitigation strategies.
  • Security Policy and Compliance:
    • Implement and enforce security policies, procedures, and standards in alignment with frameworks such as NIST, ISO 27001, or GDPR.
    • Ensure compliance with regulatory requirements and industry best practices.
    • Assist in preparing for and responding to internal and external audits.
  • Security Awareness and Training:
    • Conduct security awareness training for employees to promote best practices (e.g., password management, phishing prevention).
    • Create and distribute educational materials on emerging cyber threats.
  • System and Network Security:
    • Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
    • Implement and monitor encryption, authentication, and access control mechanisms.
  • Threat Intelligence and Research:
    • Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
    • Analyze threat intelligence reports and apply findings to enhance organizational security posture.

Requirements

  • Bachelor's in Engineering, Computer Science, or related field.
  • 8+ years of experience in Information Security.
  • Minimum 3+ years hands-on experience in SOC, blue-team, or security engineering roles.
  • Proven expertise with Microsoft Sentinel, Microsoft Defender, Incident management, Compromised recovery, patch management and vulnerability management platform.
  • Solid grasp of TCP/IP, Windows/Linux internals, AWS/Azure security primitives.
  • Scripting for automation (Python, Bash, or PowerShell).
  • Familiarity with MITRE ATT&CK mapping and threat-hunting methodology.
  • CompTIA Security+, CEH, GRC, CCNA or CCNP - Security.
  • Analytical mindset with strong investigation and documentation discipline.
  • Clear verbal/written communication for incident briefings and executive reports.
  • Ability to multitask and stay calm under pressure.
  • Experience with Zero Trust architecture projects.
  • Knowledge of privacy regulations (GDPR, HIPAA, PDPA).
  • Exposure to DevSecOps.

Benefits

  • International team (over 60 nationalities)
  • 24 working days as annual leave
  • Annual flight home
  • Life insurance plan
  • Medical insurance plan (with the option to upgrade at your own cost)

  • Seniority level: Associate
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: IT Services and IT Consulting


Cyber Security Analyst

Dubai, Dubai Wipro Technologies

Posted today

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at

Job Description

Role Purpose

The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that strengthen the security posture of the organization by protecting sensitive information.

Do
  • Ensuring customer centricity by providing apt cybersecurity
  • Monitoring and safeguarding the log sources and security access
  • Planning for disaster recovery in the event of any security breaches
  • Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
  • Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
  • Conduct security assessments, risk analysis and root cause analysis of security incidents
  • Handling incidents escalated by the L1 team in 24x7 rotational shifts
  • Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
  • Completing all tactical security operations tasks associated with this engagement.
  • Analyse all attacks and come up with remedial attack analysis
  • Conduct detailed analysis of incidents and create reports and dashboards
  • Stakeholder coordination & audit assistance
  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations
  • Maintain an information security risk register and assist with internal and external audits relating to information security
  • Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
  • Provide advice and guidance to employees on issues such as spam and unwanted or malicious emails

Deliver

| No. | Performance Parameter | Measure |
|---|---|---|
| 1. | Customer centricity | Timely security breach solutioning to end users, internal stakeholders & external customers experience |
| 2. | Process Adherence | Adherence to SLAs (90-95%), response time and resolution time TAT |

Mandatory Skills: QRadar.

Experience: 3-5 Years.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

If you encounter any suspicious mail, advertisements, or persons who offer jobs at Wipro, please email us . Do not email your resume to this ID as it is not monitored for resumes and career applications.

Any complaints or concerns regarding unethical/unfair hiring practices should be directed to our Ombuds Group .

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.

Wipro is committed to creating an accessible, supportive, and inclusive workplace. Reasonable accommodation will be provided to all applicants including persons with disabilities, throughout the recruitment and selection process. Accommodations must be communicated in advance of the application, where possible, and will be reviewed on an individual basis. Wipro provides equal opportunities to all and values diversity.


Cyber Security Analyst - L4

Dubai, Dubai Wipro Technologies

Posted today

Job Description

Role Purpose


The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that strengthen the security posture of the organization by protecting sensitive information.

Do
  • Ensuring customer centricity by providing apt cybersecurity
  • Monitoring and safeguarding the log sources and security access
  • Planning for disaster recovery in the event of any security breaches
  • Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
  • Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
  • Conduct security assessments, risk analysis and root cause analysis of security incidents
  • Handling incidents escalated by the L1 team in 24x7 rotational shifts
  • Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
  • Completing all tactical security operations tasks associated with this engagement.
  • Analyse all attacks and come up with remedial attack analysis
  • Conduct detailed analysis of incidents and create reports and dashboards
  • Stakeholder coordination & audit assistance
  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations
  • Maintain an information security risk register and assist with internal and external audits relating to information security
  • Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
  • Provide advice and guidance to employees on issues such as spam and unwanted or malicious emails

Deliver

| No. | Performance Parameter | Measure |
|---|---|---|
| 1. | Customer centricity | Timely security breach solutioning to end users, internal stakeholders & external customers experience |
| 2. | Process Adherence | Adherence to SLAs (90-95%), response time and resolution time TAT |

Mandatory Skills: Antivirus Microsoft EDR XDR.

Experience: 5-8 Years.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.


Cyber Security Analyst - L3

Dubai, Dubai Wipro Technologies

Posted today

Job Description

Role Purpose


The purpose of this role is to analyse, identify, rectify and recommend specific improvement measures that strengthen the security posture of the organization by protecting sensitive information.

Do
  • Ensuring customer centricity by providing apt cybersecurity
  • Monitoring and safeguarding the log sources and security access
  • Planning for disaster recovery in the event of any security breaches
  • Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
  • Perform moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
  • Conduct security assessments, risk analysis and root cause analysis of security incidents
  • Handling incidents escalated by the L1 team in 24x7 rotational shifts
  • Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
  • Completing all tactical security operations tasks associated with this engagement.
  • Analyse all attacks and come up with remedial attack analysis
  • Conduct detailed analysis of incidents and create reports and dashboards
  • Stakeholder coordination & audit assistance
  • Liaise with stakeholders in relation to cyber security issues and provide future recommendations
  • Maintain an information security risk register and assist with internal and external audits relating to information security
  • Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
  • Provide advice and guidance to employees on issues such as spam and unwanted or malicious emails

Deliver

| No. | Performance Parameter | Measure |
|---|---|---|
| 1. | Customer centricity | Timely security breach solutioning to end users, internal stakeholders & external customers experience |
| 2. | Process Adherence | Adherence to SLAs (90-95%), response time and resolution time TAT |

Mandatory Skills: QRadar.

Experience: 3-5 Years.

Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Incident Response Engineer

Dubai, Dubai P2P

Posted today

Job Description

As a member of the ETMSA team at Crypto.com, you will be integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle – from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned – collaborating with a global team of incident responders.

You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more.

You will also leverage your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural and global environments.

Responsibilities

- Report to Director to facilitate all phases in the incident response lifecycle

- Be involved in various incident prevention projects to improve Security posture

Preparation:

- Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.

- Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly

- Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements

- Evaluate the incident response readiness of different layers - people, process, technology

Detection & Analysis:

- Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.

- Respond to cyber security incidents in compliance with the local authority / regulatory requirements.

- Assess the risk, impact and scope of the identified security threats

- Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs

Containment, Eradication and Recovery:

- Communicate with the stakeholders and provide guidance and recommendations to contain and eradicate the security incident

- Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.

- Document and present investigative findings for high profile events and other incidents of interest.

Post incident activities:

- Hold lessons-learnt meetings with the stakeholders

- Lead and keep track of the follow-up activities

- Document the incident in the case management system and provide incident reports

Always ready to jump in, in the event of security incidents.

Requirements
  • At least 5 years' experience in the Cyber Security industry
  • Strong technical and analytical skills
  • Familiar with the cyber security incident response process
  • Familiarity with AI tools and their application in automating security tasks and processes.
  • Hands-on experience performing incident response activities
  • Have scripting experience in languages like Bash, PowerShell, Python, Go, etc., and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environments
  • Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, DLP, SIEM, other log management platforms, etc.
  • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
  • Be passionate about exploring new technologies and show creative initiative to boost the team's capabilities
  • Holding security-related certifications is a plus (e.g. Azure, AWS, CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
  • Awareness of regulatory and compliance requirements like GDPR, MAS, PSD2, etc. is a plus.
Preferably
  • Fast learner with a can-do attitude and ready to get their hands dirty
  • A strong team player who can collaborate with compassion
  • Passionate to learn and willing to put in the extra effort
  • Understand the concept of ownership and accountability coupled with a sense of urgency and prioritisation
  • Confidence in handling incidents and managing relevant senior and technical stakeholders
  • Possess business acumen/mindset (not only technical) when making critical decisions

Incident Response Engineer

Dubai, Dubai Crypto.com

Posted today

Job Description

As a member of the ETMSA team at Crypto.com, you will be integral to responding to and managing cybersecurity threats and incidents throughout their lifecycle – from Preparation to Identification, Containment, Eradication, Recovery, and Lessons Learned – collaborating with a global team of incident responders.

You will apply your comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across our endpoints, network, and cloud infrastructure. In this role, you will be responsible for prevention, detection, response, and remediation activities, ensuring that information assets and technologies are adequately protected by leveraging various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more.

You will also leverage your collaboration and communication skills to work effectively with all relevant stakeholders in multicultural and global environments.

Responsibilities
  • Report to Director to facilitate all phases in the incident response lifecycle
  • Be involved in various incident prevention projects to improve Security posture
  • Preparation:
    • Understand different regulatory and compliance requirements like critical time to report, escalation flows, etc.
    • Take part in self-assessment exercises like Tabletop Exercises, Attack Simulations, Red/Purple Team exercises to make sure the incident response process is working smoothly
    • Develop incident response runbooks, playbooks and SOPs with reference to different regulatory requirements
    • Evaluate the incident response readiness of different layers - people, process, technology
  • Detection & Analysis:
    • Respond to the cyber security incidents escalated from various channels including the 24/7 SOC team.
    • Respond to cyber security incidents in compliance with the local authority / regulatory requirements.
    • Assess the risk, impact and scope of the identified security threats
    • Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs
  • Containment, Eradication and Recovery:
    • Communicate with the stakeholders and provide guidance and recommendations to contain and eradicate the security incident
    • Participate in root cause analysis using forensic and other custom tools to identify any sources of compromise and/or malicious activities taking place.
    • Document and present investigative findings for high profile events and other incidents of interest.
  • Post incident activities:
    • Hold lessons-learnt meetings with the stakeholders
    • Lead and keep track of the follow-up activities
    • Document the incident in the case management system and provide incident reports
  • Always ready to jump in, in the event of security incidents.
Requirements
  • At least 5 years' experience in the Cyber Security industry
  • Strong technical and analytical skills
  • Familiar with the cyber security incident response process
  • Familiarity with AI tools and their application in automating security tasks and processes
  • Hands-on experience performing incident response activities
  • Have scripting experience in languages like Bash, PowerShell, Python, Go, etc., and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environments
  • Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, DLP, SIEM, other log management platforms, etc.
  • Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain
  • Be passionate about exploring new technologies and show creative initiative to boost the team's capabilities
  • Holding security-related certifications is a plus (e.g. Azure, AWS, CISSP, GCIH, GCIA, GCFA, GNFA, GREM, or other equivalent)
  • Awareness of regulatory and compliance requirements like GDPR, MAS, PSD2, etc. is a plus
Preferably
  • Fast learner with a can-do attitude and ready to get their hands dirty
  • A strong team player who can collaborate with compassion
  • Passionate to learn and willing to put in the extra effort
  • Understand the concept of ownership and accountability coupled with a sense of urgency and prioritisation
  • Confidence in handling incidents and managing relevant senior and technical stakeholders
  • Possess business acumen/mindset (not only technical) when making critical decisions

Incident Response Expert

Dubai, Dubai beBeeCybersecurity

Posted today

Job Description

Cybersecurity Threat Response Specialist

Job Overview

We are seeking a highly skilled Cybersecurity Threat Response Specialist to join our team. This role will play a vital part in managing and responding to cybersecurity threats and incidents throughout their lifecycle.

The successful candidate will collaborate with a global incident response team, applying comprehensive skills in cyber defense, digital forensics, log analysis, and intrusion analysis to address security incidents across endpoints, network, and cloud infrastructure.

This includes preventing, detecting, responding, and remediating activities to ensure that information assets and technologies are adequately protected using various technologies such as Next-Generation Firewalls (NGFW), Endpoint Detection and Response (EDR), Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), and more.

Responsibilities include reporting to Director to facilitate all phases in the incident response lifecycle, being involved in various incident prevention projects to improve Security posture, preparing for incident responses, conducting detection & analysis, containment, eradication, and recovery, post-incident activities, and always being ready to jump in during security incidents.

Requirements

  • At least 5 years' experience in the Cyber Security industry.
  • Strong technical and analytical skills.
  • Familiarity with the cybersecurity incident response process.
  • Familiarity with AI tools and their application in automating security tasks and processes.
  • Hands-on experience performing incident response activities.
  • Knowledge of scripting languages like Bash, PowerShell, Python, Go, etc., and the ability to use these skills to aid in responding to incidents involving Windows, Linux, macOS, as well as cloud environments.
  • Knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, DLP, SIEM, other log management platforms, etc.
  • Familiarity with the MITRE ATT&CK Framework and/or Cyber Kill Chain.
  • Awareness of regulatory and compliance requirements like GDPR, MAS, PSD2, etc.

Preferred Skills

  • Fast learner with a can-do attitude and ready to get hands dirty.
  • A strong team player who can collaborate with compassion.
  • Passionate to learn and willing to put in extra effort.
  • Understanding of ownership and accountability coupled with a sense of urgency and prioritization.
  • Confidence in handling incidents and managing relevant senior and technical stakeholders.
  • Possess business acumen/mindset when making critical decisions.