10+ years of deep technical and strategic experience in Cyber Security.
Availability
8x5 Onsite (Business Days) with On-Call service outside business hours.
Core Mandate
Strategic threat analysis, content strategy, and advanced Digital Forensics and Incident Response (DFIR) guidance.
Key Responsibilities:
Provide the highest level of technical expertise and guidance during complex and critical security incidents (DFIR).
Determine the timeline of the intrusion and the initial method of compromise for significant incidents.
Analyze security reports to understand threat campaign techniques and translate them into applicable use cases, lateral movement rules, and extract Indicators of Compromise (IOCs).
Develop comprehensive guides for mitigation actions in the Customer environment, considering effect, permission, and limitation of each measure.
Describe the overall attack methodology and categorize incidents for correct escalation procedures.
Communicate and coordinate cross-functional incident response efforts at a strategic level.
Serve as the final escalation point for L2 technical challenges and content creation.
Required Skills:
Mastery of DFIR processes, toolsets, and methodologies.
Expertise in threat intelligence integration and threat modeling.
Strong leadership and strategic communication skills.
Certifications
(ISC)² Certified Information Systems Security Professional (CISSP) (Premier certification for designing, implementing, and managing security programs).
GIAC Certified Forensic Analyst (GCFA) (Deep expertise in forensic investigation and root cause analysis).
GIAC Certified Enterprise Defender (GCED) (Focus on advanced security essentials).
Certified Information Security Manager (CISM) (If the role includes management/governance responsibilities).
GIAC Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP) (A red-team background is invaluable for threat hunting).
Cloud Certifications (e.g., Certified Cloud Security Professional (CCSP)).
Vendor-Specific Certs:
Microsoft Sentinel Certified, IBM Certified SOC Analyst - QRadar SIEM or other specific SIEM/tool training, Qualys Vulnerability Tool.
Job Type: Full-time
Ability to commute/relocate:
Dubai: Reliably commute or planning to relocate before starting work (Required)
Application Question(s):
What is your current salary?
What is your expected salary?
What is your notice period?
Education:
Bachelor's (Preferred)
Experience:
SOC L3: 10 years (Required)