5 Security Operations jobs in the United Arab Emirates

Overview

The Information Security - Specialist will report directly to the Information Security Manager and will be responsible for implementing and managing security measures to protect the Bank's information assets. This role focuses on proactive threat detection, incident response, and vulnerability management across all technology domains, including endpoints and cloud environments. In collaboration with IS management, the Specialist will identify gaps in existing information security policies, standards, guidelines, and procedures, recommending updates to ensure alignment with regulatory requirements, industry best practices, and leading security standards.

JOB CONTEXT/ DIMENSIONS The IS Specialist will be responsible for overseeing security technologies like Cloud Security, DLP, Kubernetes, API security, SIEM and EDR, and ensuring compliance with standards and policies. Responsibilities include managing incident response, performing risk assessments, and optimizing security tools across cloud and network environments. The position requires collaboration with internal teams and external stakeholders to enhance security posture and mitigate threats.

• Assist in developing and implementing the information security strategy and roadmap across all security technology domains.
• Research and analyze security standards, systems, and authentication protocols, providing recommendations to IS management.
• Review architectural security designs, Data flow and offer recommendations for approval by IS management.
• Enforce security policies and control across cloud environments to ensure a secure infrastructure.
• Manage and optimize CSPM tools to continuously monitor and enforce security best practices within cloud environments like Azure.
• Lead cloud incident response efforts, investigating and addressing threats in real-time to mitigate potential security risk.
• Lead the ongoing management of DLP technologies to protect sensitive data from unauthorized access and leakage.
• Regularly review and update DLP policies to reflect changes in business needs, technologies, and regulatory requirements.
• Identify and assess security risks in APIs and Kubernetes by evaluating access control, misconfigurations, and vulnerabilities.
• Enforce security policies and controls for APIs and Kubernetes.
• Oversee the management, optimization, and tuning of the SIEM platform to ensure effective security incident monitoring.
• Conduct deep-dive investigations into security alerts and collaborate with teams to resolve incidents efficiently.
• Conduct regular security audits and reviews to ensure compliance with internal policies and industry standards.
• Manage the deployment and operational effectiveness of EDR solutions to monitor, detect, and respond to endpoint threats.
• Lead incident response for security breaches, including investigation, containment, eradication, and recovery.
• Provide post-incident analysis, identify lessons learned, and improve future response strategies.
• Monitor the bank’s networks for security breaches and investigate violations as they occur.
• Advise IS management on emerging security trends and best practices, assist in updating security policies and procedures, and support departments in investigating breaches and pursuing disciplinary or legal actions as needed.
• Contribute to team efforts by accomplishing related results as needed.
• Perform other duties as may be assigned by IS management.

• Work within framework of bank’s information security policies, standards, guidelines and procedures as applicable.

• Work accomplishments will be reviewed by the Information Security Manager.

• Bachelor’s degree in computer science, Network/ Cyber Security or related information technology field.
• Professional / Technical Qualifications / Diplomas: Platform specific (e.g., SIEM/ Networking/ Operating System) certifications.
• Security (e.g. SANS/ ISC2 / CEH/ CISSP) certifications

8 - 10 years’ experience in Information Security or related field.

• In-depth knowledge and understanding in information security and technology infrastructure, ensuring robust protection of systems and applications.

• Expertise in enforcing cloud security policies, IAM configurations, and data protection practices to ensure a secure infrastructure.

• Proficient in managing and optimizing CSPM tools to continuously monitor and enforce security best practices.

• Experienced in reviewing and enhancing security configurations and architectures to align with industry best practices and compliance requirements.

• Proficient in managing API and Kubernetes security policies, including implementing posture management, access controls, encryption, and continuous monitoring to ensure a secure environment.

• Skilled in conducting thorough vulnerability assessments and comprehensive risk analyses, prioritizing risks and implementing remediation strategies to secure systems.

• Proficiency in configuring and managing DLP tools, data classification, policy enforcement, risk assessment, compliance knowledge, and integrating with security systems to prevent unauthorized data loss.

• Skilled in configuring, optimizing, and managing Security Information and Event Management (SIEM), EDR, and DAM platforms for real-time threat detection and effective incident response.

• Committed to enhancing organizational security posture through ongoing monitoring, assessment, and optimization of security tools and processes.

• Demonstrates innovative thinking by exploring alternative approaches and developing conceptual frameworks to address complex security challenges.

• Possesses strong communication skills, capable of conveying complex security concepts to senior non-technical stakeholders in clear, jargon-free language.

• Adept at managing multiple concurrent projects, effectively prioritizing tasks to meet organizational demands and deadlines.

Help AG is looking for a talented and experienced Incident Response and Forensic Investigation Specialist who will be responsible for off-site and on-site Incident Response activities and customer engagements, leveraging multiple security technologies, guiding and leading customers in the handling of Security Incidents and examining IT and security systems using best-practice digital forensic methods to detect, validate and mitigate IT security related incidents. He / She will join our Cyber Defence team within our Managed Security Services (MSS) business unit. If you have a strong knowledge and interest in incident response and/or digital forensics, this position might be the right one for you.

Responsibilities:

• Lead incident response engagements in unknown environments until all threats are remediated.

• Develop custom incident response plans tied to specific environments and customer situations.

• Examinate and analyse logs/data from a broad variety of security technologies, such as Antiviruses, IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources.

• Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.

• Reverse engineer malicious software and develop signatures and indicators of compromise.

• Actively develop incident response tools, scripts, and various detection content.

• Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts.

• Articulate and execute common Incident Response methods (e.g. SANS).

• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.

• Work on-site as required with clients during Live Security Incidents.

• Maintain a high degree of awareness of the current threat landscape.

• Champion excellence and support others in delivering it through active knowledge sharing with team members, writing technical articles for internal knowledge bases, blog posts and reports as required or requested.

• Create and present customer reports to ensure quality, accuracy and value to the client.

• Educate and train other Analysts in execution of Incident Response processes and forensic analysis techniques.

• Perform other essential duties as assigned.

Qualifications & Skills:

• A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree.

• 7+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection.

• At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents.

• Strong background or equivalent experience in four of the following: Security Threat and Event Analysis, Network Security Operations or Engineering, Reverse Engineering, Malware Analysis, Windows/Linux/OSX Forensics, Penetration Testing, Active Directory and Azure Administration.

• Demonstrate experience in handling Incident Response engagements (APTs and Ransomware) using the SANS Incident Response method (or similar).

• CISSP, GCIA, GCIH, GCFA, GCFE, GREM, OSCP certification would be preferable.

• Deep TCP/IP knowledge, networking and security product experience.

• Strong knowledge of Red Team tactics and ability to find adversary traces on Enterprise scale.

• Rapid development in scripting languages: Python/PowerShell /Bash.

• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.

• Demonstrable experience in accountability for and applying the methods of Incident Response, including adherence to process and direct engagement with stakeholders.

• Demonstrable experience in analysing and interpreting system, security and application logs.

• Broad knowledge of the type of events that Firewalls, IDS/IPS and other security related devices produce.

• Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using custom tools and scripts.

• Static reverse engineering and analysis of malware written in different languages (X86/X64/C/C#, Go, etc.), signatures and Yara/Snort/Sigma rules development.

• Knowledge of attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.

Benefits:

• Health insurance with one of the leading global providers for medical insurance.

• Career progression and growth through challenging projects and work.

• Employee engagement and wellness campaigns activities throughout the year.

• Excellent learning and development opportunities.

• Annual flight tickets.

• Inclusive and diverse working environment.

• Flexible/Hybrid working environment.

• Open door policy.
  

About Us:

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Help AG is looking for a talented and experienced Incident Response and Forensic Investigation Specialist (U.A.E National) who will be responsible for off-site and on-site Incident Response activities and customer engagements, leveraging multiple security technologies, guiding and leading customers in the handling of Security Incidents and examining IT and security systems using best-practice digital forensic methods to detect, validate and mitigate IT security related incidents. He / She will join our Cyber Defence team within our Managed Security Services (MSS) business unit. If you have a strong knowledge and interest in incident response and/or digital forensics, this position might be the right one for you.

• Lead incident response engagements in unknown environments until all threats are remediated.

• Develop custom incident response plans tied to specific environments and customer situations.

• Examinate and analyse logs/data from a broad variety of security technologies, such as Antiviruses, IDS/IPS, Firewalls, Switches, VPNs and other security threat data sources.

• Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.

• Reverse engineer malicious software and develop signatures and indicators of compromise.

• Actively develop incident response tools, scripts, and various detection content.

• Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts.

• Articulate and execute common Incident Response methods (e.g. SANS).

• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.

• Work on-site as required with clients during Live Security Incidents.

• Maintain a high degree of awareness of the current threat landscape.

• Champion excellence and support others in delivering it through active knowledge sharing with team members, writing technical articles for internal knowledge bases, blog posts and reports as required or requested.

• Create and present customer reports to ensure quality, accuracy and value to the client.

• Educate and train other Analysts in execution of Incident Response processes and forensic analysis techniques.

• Perform other essential duties as assigned.

• A Degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree.

• 7+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection.

• At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents.

• Strong background or equivalent experience in four of the following: Security Threat and Event Analysis, Network Security Operations or Engineering, Reverse Engineering, Malware Analysis, Windows/Linux/OSX Forensics, Penetration Testing, Active Directory and Azure Administration.

• Demonstrate experience in handling Incident Response engagements (APTs and Ransomware) using the SANS Incident Response method (or similar).

• Should have at least one of the below ACTIVE certifications as a mandatory requirement:

CREST Certified Registered Intrusion Analyst (CRIA)
GIAC Cloud Forensics Responder (GCFR)
GIAC Certified Forensic Analyst (GCFA)

CREST Certified Host Intrusion Analyst (CC-HIA)
CREST Certified Network Intrusion Analyst (CC-NIA)

CREST Certified Incident Manager (CC-IM)

CREST Certified Threat Intelligence Manager (CC-TIM)
GIAC Reverse Engineering Malware (GREM)

• CISSP, GCIA, GCIH, GCFE, OSCP certification would be preferable.

• Deep TCP/IP knowledge, networking and security product experience.

• Strong knowledge of Red Team tactics and ability to find adversary traces on Enterprise scale.

• Rapid development in scripting languages: Python/PowerShell /Bash.

• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.

• Demonstrable experience in accountability for and applying the methods of Incident Response, including adherence to process and direct engagement with stakeholders.

• Demonstrable experience in analysing and interpreting system, security and application logs.

• Broad knowledge of the type of events that Firewalls, IDS/IPS and other security related devices produce.

• Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using custom tools and scripts.

• Static reverse engineering and analysis of malware written in different languages (X86/X64/C/C#, Go, etc.), signatures and Yara/Snort/Sigma rules development.

• Knowledge of attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.

• Health insurance with one of the leading global providers for medical insurance.

• Career progression and growth through challenging projects and work.

• Employee engagement and wellness campaigns activities throughout the year.

• Excellent learning and development opportunities.

• Inclusive and diverse working environment.

• Flexible/Hybrid working environment.

• Open door policy.

Help AG is the cybersecurity arm of e& enterprise (formerly Etisalat Digital) and provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security services and solutions that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in Feb 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cybersecurity focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

About GWC Networks

GWC Networks is a specialist IT & Cybersecurity systems integrator based in Dubai and India. We deliver cutting‑edge solutions to safeguard businesses from network outages and cyber threats. Partnering with leading vendors like SolarWinds, Group‑IB, GTB, OneLogin, KnowBe4, OpenText, ManageEngine, and more, we help organizations maintain secure, resilient IT environments.

Note:

This role is based in Dubai on a 1‑year contract (extendable). We provide visa and airfare, while all other allowances are included in the salary. Please apply only if you are willing to relocate to Dubai.

Role: Security Engineer – Trellix, Proxy & Skyhigh Operations

We’re looking for a dynamic, results-driven Security Engineer who will Configure, deploy and manage Trellix AV/ATD, Skyhigh CASB, and Secure Web Gateway (SWG) solutions to protect enterprise systems. Monitor alerts, troubleshoot security events, and ensure continuous compliance and service availability.

Key Responsibilities

• Manage Trellix AV, ATD platforms; configure detection & remediation policies.
• Administer Skyhigh CASB for cloud app protection and compliance enforcement.
• Deploy and sustain SWG solutions to enforce web filtering and block malicious content.
• Monitor security tools, analyze alerts, and respond to incident events.
• Troubleshoot and resolve security, proxy, and connectivity issues.
• Maintain compliance with corporate security policies and relevant regulations.
• Produce clear documentation: configurations, operational procedures, incident reports.
• Conduct periodic reviews and tune security systems to minimize false positives.

Requirements

• Bachelor’s degree in CS, IT, Cybersecurity, or equivalent.
• 7+ years experience in security engineering, including AV, CASB, and SWG.
• Hands-on with Trellix, Skyhigh, and proxy technology.
• Strong troubleshooting and incident analysis capabilities.
• Knowledge of security best practices, SSL/TLS protocols.
• Familiarity with security frameworks and compliance environments.

Benefits:

• Competitive salary package based on experience and skillset.
• 12-month contract with possibility to extend based on performance and business needs.
• Opportunities to work on cutting-edge cloud security projects.
• Exposure to global clients and enterprise environments.
• Collaborative and growth-driven work culture.
• Visa and airfare provided; all other allowances included in salary.