SOC Analyst – Incident Response, Threat Hunting
Description
Job Title: SOC Analyst – Incident Response, Threat Hunting & Forensics
Location: United Arab Emirates
Experience: 7+ Years
Job Type: Long-Term
On-site
Department: Cybersecurity / Security Operations Center (SOC)

Job Summary
We are seeking a highly skilled and experienced SOC Analyst to join our advanced Security Operations Center in the UAE. The ideal candidate will lead incident response, conduct threat hunting, and perform forensic investigations across Linux, Windows, and cloud environments (AWS, Azure, GCP). The role demands hands-on experience, strong analytical skills, and the ability to work collaboratively with other cybersecurity and IT teams to protect enterprise assets.

Key Responsibilities
- Act as a senior point of contact for cybersecurity incidents, coordinating the full incident lifecycle: detection, analysis, containment, eradication, recovery, and lessons learned.
- Lead proactive threat hunting campaigns using EDR, SIEM, and threat intelligence feeds to uncover stealthy threats across enterprise infrastructure.
- Perform deep-dive digital forensics investigations on endpoints, servers, and cloud platforms to support incident response and root cause analysis.
- Analyze logs from multiple sources (e.g., firewalls, EDR, SIEM, operating systems) to identify anomalous activity.
- Develop and tune correlation rules, playbooks, and automation workflows in SIEM and SOAR platforms.
- Collaborate with threat intelligence teams to contextualize incidents and improve threat detection capabilities.
- Contribute to red/blue team exercises, tabletop simulations, and security awareness initiatives.
- Mentor and guide junior analysts; contribute to continuous improvement of SOC processes and procedures.
- Ensure compliance with industry standards and frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001) and regional regulations.

Required Skills & Qualifications
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Minimum of 7 years of experience in SOC operations, incident response, threat hunting, and/or forensics.
- Strong expertise in operating system forensics (Windows, Linux) and cloud security (AWS, Azure, GCP).
- Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), EDR solutions (e.g., CrowdStrike, Carbon Black), and forensics tools (e.g., EnCase, FTK, Volatility).
- Familiarity with scripting and automation (Python, PowerShell, Bash).
- Deep understanding of network protocols, malware behavior, threat actor TTPs, and the MITRE ATT&CK framework.
- Industry certifications preferred: GCIA, GCIH, GCFA, GNFA, OSCP, CISSP, or equivalent.
- Excellent written and verbal communication skills, with the ability to prepare incident reports and present findings to stakeholders.

Nice To Have
- Experience working in a 24x7 SOC environment or at a managed security services provider (MSSP).
- Familiarity with regulatory compliance standards (e.g., GDPR, NESA, PCI DSS).
- Knowledge of zero trust architectures and XDR platforms.

Company: K20s - Kinetic Technologies Private Limited
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: IT Services and IT Consulting
Posted: 7th July 2025 10.49 am
Application Deadline: N/A