SOC Analyst Incident Response, Threat Hunting
Description
We are seeking a highly skilled and experienced SOC Analyst to join our advanced Security Operations Center in the UAE. The ideal candidate will be responsible for leading incident response, conducting threat hunting activities, and performing forensic investigations across Linux, Windows, and cloud environments (AWS, Azure, GCP). The role demands hands-on experience, strong analytical skills, and the ability to work collaboratively with other cybersecurity and IT teams to protect enterprise assets.

Key Responsibilities:
- Act as a senior point of contact for cybersecurity incidents, coordinating the full incident lifecycle: detection, analysis, containment, eradication, recovery, and lessons learned.
- Lead proactive threat hunting campaigns using EDR, SIEM, and threat intelligence feeds to uncover stealthy threats across enterprise infrastructure.
- Perform deep-dive digital forensics investigations on endpoints, servers, and cloud platforms to support incident response and root cause analysis.
- Analyze logs from multiple sources (e.g., firewalls, EDR, SIEM, operating systems) to identify anomalous activity.
- Develop and tune correlation rules, playbooks, and automation workflows in SIEM and SOAR platforms.
- Collaborate with threat intelligence teams to contextualize incidents and improve threat detection capabilities.
- Contribute to red/blue team exercises, tabletop simulations, and security awareness initiatives.
- Mentor and guide junior analysts; contribute to continuous improvement of SOC processes and procedures.
- Ensure compliance with industry standards, frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001), and regional regulations.

Required Skills & Qualifications:
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Minimum of 7 years of experience in SOC operations, incident response, threat hunting, and/or forensics.
- Strong expertise in operating system forensics (Windows, Linux) and cloud security (AWS, Azure, GCP).
- Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel), EDR solutions (e.g., CrowdStrike, Carbon Black), and forensics tools (e.g., EnCase, FTK, Volatility).
- Familiarity with scripting and automation (Python, PowerShell, Bash).
- Deep understanding of network protocols, malware behavior, threat actor TTPs, and the MITRE ATT&CK framework.
- Industry certifications preferred: GCIA, GCIH, GCFA, GNFA, OSCP, CISSP, or equivalent.
- Excellent written and verbal communication skills, with the ability to prepare incident reports and present findings to stakeholders.

Nice to Have:
- Experience working in a 24x7 SOC environment or managed security services provider (MSSP).
- Familiarity with regulatory compliance standards (e.g., GDPR, NESA, PCI-DSS).
- Knowledge of zero trust architectures and XDR platforms.
Posted: 7th July 2025 10.48 am
Application Deadline: N/A