5 Vulnerability Assessment jobs in Dubai

At GAC Group IT, our dedication to providing top‑notch solutions to 6000+ users worldwide relies on the dependability of our IT systems, all while upholding our ISO 27001 certification. As we grow the GAC Group IT Team, we are actively seeking an IT Security Analyst to bring his/her technological proficiency to enhance our security protocols.

The Group IT team is dedicated to constructing, configuring, maintaining, and enhancing applications throughout their life cycle while safeguarding them against cyber threats.

• Implement and maintain security solutions for our network, infrastructure and applications hosted in On‑prem Data Center and Azure Cloud.
• Closely work with Software development & DevSecOps teams to resolve issues.
• Guide GAC branch offices to improve their IT security posture.
• Monitor and respond to security incidents and perform root cause analysis.
• Research and stay updated on the latest security trends and best practices.

• A bachelor’s degree in computer science / information security.
• A minimum of 2 years of experience as an IT Security Analyst or a similar role.
• A proficiency in implementing & managing security tools such as CSPM, VAPT, VMDR, EDR.
• Excellent teamwork, problem‑solving, analytical and communication skills.
• Holding relevant certifications such as Azure Security (AZ‑500), CCSP, etc. will be advantageous.

Company: Al Rostamani Group of Companies LLC

Every employee at Al Rostamani Group plays a role in making a real difference to the business and our customers. We care for our employees by offering them meaningful and purposeful work and an opportunity to grow, learn, contribute and succeed. Today, the Al Rostamani Group has come a long way since its birth in 1957. Our group has grown steadfastly with the guiding principles of Commitment, Care & Vision, alongside a strong sense of active involvement in the community. We are a well-diversified group, with a key presence in industries such as General Trading, Automobiles and Heavy Equipment, Travel, Foreign Exchange, Financial Services, Property Management, Construction, Infrastructure Development and Information Technology Services. Our Group employs approximately 2000 people from 41 different nationalities, which contributes to our multicultural and multi-national environment.

The Identity & Access Management (IAM) Security Analyst is responsible for protecting the organisation’s digital assets by managing identities, access controls, and authentication systems. This role ensures that only authorised users can access sensitive data, enforce the principle of least privilege, and support compliance with security policies and regulations. Working closely with IT Security & Governance, Group Information Technology, and other departments, the Analyst helps implement security measures, monitor for threats, and respond to incidents.
Beyond daily operations, the Analyst develops security protocols, works closely with business units to conduct access reviews and security assessments, and recommends improvements to strengthen the organisation’s cybersecurity posture. The role also involves cross‑functional collaboration, providing actionable insights to senior leadership, and promoting a culture of security awareness across the enterprise.

Technical Responsibilities

• Access Management and Review: Lead and manage the IAM lifecycle, including provisioning, modification, deprovisioning, and access reviews across all systems and applications.
• Security Monitoring and Incident Response: Monitor IAM and SIEM logs and alerts to identify and respond to suspicious activity, unauthorised access, and security incidents.
• Technical Due Diligence: Evaluate new applications for IAM compatibility, focusing on authentication, access controls, scalability, and security compliance.
• Vulnerability Assessment and Penetration Testing: Conduct comprehensive VA/PT across IT infrastructure, including servers, web applications, APIs, and mobile applications.
• Security Configuration Management: Oversee and optimise IAM solutions across cloud platforms, ensuring seamless system integrations and secure access through technical controls such as firewalls, WAF, NAC, and PAM.
• Security Technology Research: Actively research, evaluate, and drive next‑generation security technologies and solutions to meet organisational requirements.

Business Responsibilities

• Audit Coordination and Remediation: Support the coordination of internal and external audits, track security audit findings, and report remediation efforts.
• Policy and Governance: Enforce and support the development of IAM policies, procedures, and best practices, and remediate violations in coordination with IT Operations and Application teams.
• Security Training and Awareness: Assist in developing and delivering security training programs and awareness campaigns for employees.
• Compliance Monitoring: Monitor adherence to IT and security governance frameworks and recommend improvements.
• Vendor Liaison: Liaise with vendors for POCs and demos of new IT security requirements.

Qualifications

• Bachelor's degree or higher in a relevant field.
• Security certifications such as Certified Ethical Hacker (CEH) or CompTIA Security+ are preferred.

Experience

• Proven experience (typically 3+ years) in information security.

Knowledge and Skills

• Strong knowledge of cloud security, cybersecurity frameworks, standards, and best practices.
• Strong understanding of IT governance frameworks, regulatory requirements, and industry standards.
• Excellent communication and interpersonal skills.
• Demonstrated ability to influence and collaborate with cross‑functional teams.
• In‑depth understanding of risk management, compliance, and governance principles.

Experience in managing data protection mechanisms, preferably on cloud platforms like Microsoft Purview.

• Knowledge of the Microsoft Defender Suite and the Identity and Access Management suite.
• Understanding security solutions such as NAC, PAM, EDR, DLP, SIEM, SOAR, and NDR.
• Knowledge of security configurations in cloud platforms, e.g., AWS, Azure, and Microsoft 365.

At Al Rostamani Group, we seek talented people who work hard to achieve great things. We consider not only your skills and experience, but also your passion for the role, your desire to learn and how well you align with our core values of care, commitment and vision. If this position represents an opportunity you wish to pursue, we invite you to apply.

Login for faster access to the best deals. Click here if you don't have an account.

Interview Questions for Information Security Analyst roles often focus on key areas like risk management, network security, incident response, and vulnerability assessment. Candidates may be asked about common security tools, threat detection techniques, encryption methods, and how they would handle real-world security incidents. Preparing for these questions helps build confidence and demonstrates the technical knowledge and problem-solving skills required for a successful career in information security.