Senior Security Analyst (Based in UAE)
Softec is a globally recognized award-winning technology company specializing in Artificial Intelligence and visibility solutions for transportation, mobility, logistics and command & control, with offices in Amsterdam, Abu Dhabi, Dubai and Cairo.
We help more than 5.000 organizations achieve more with our cloud platforms and on-premise deployments.
We received numerous awards for our contribution to significant nationwide digital transformation projects in logistics, public safety & national security and motor insurance.
We are seeking a talented Senior Security Analyst to join our team in the UAE.
The Senior Security Analyst is responsible for enterprise cybersecurity. This includes everything from threat prevention to security infrastructure design to incident detection and response.
In this role, you must fulfill a number of responsibilities to effectively manage security incidents.
Your duties will include:
1 - Security Monitoring and Incident Response:
- Continuously monitor security alerts and events from various sources, such as intrusion detection systems (IDS), security information and event management (SIEM) tools, and log analysis.
- Investigate and respond to security incidents, including identifying the root cause, containing the incident, and performing forensic analysis when necessary.
- Develop and maintain incident response plans and procedures.
2 - Threat Intelligence and Analysis:
- Stay updated on current cybersecurity threats and vulnerabilities by monitoring threat intelligence sources.
- Analyze threat data to identify potential risks and vulnerabilities that could impact the organization.
- Develop and maintain threat intelligence reports and briefings for management.
3 - Vulnerability Management:
- Conduct vulnerability assessments and scans to identify security weaknesses in systems, applications, and networks.
- Prioritize and track remediation efforts to address identified vulnerabilities.
- Coordinate with system administrators and IT teams to ensure timely patching and updates.
4 - Security Policy and Compliance:
- Assist in the development and enforcement of security policies, standards, and procedures.
- Conduct security audits and assessments to ensure compliance with industry standards and regulations (e.g., ISO 27001, GDPR, HIPAA).
- Provide guidance on security best practices to ensure compliance.
5 - Security Awareness and Training:
- Develop and deliver security awareness and training programs for employees to promote a security-conscious culture.
- Communicate security policies and guidelines to all staff members.
6 - Security Tools Management:
- Manage and maintain security tools and technologies, such as firewalls, antivirus software, intrusion detection/prevention systems (IDS/IPS), and encryption solutions.
- Evaluate and recommend the adoption of new security tools as needed.
7 - Incident Documentation and Reporting:
- Document security incidents, investigations, and findings in detailed reports.
- Create incident reports for management and regulatory reporting, when necessary.
8 - Security Risk Assessment:
- Conduct risk assessments to identify potential security risks and vulnerabilities.
- Provide risk assessment reports and recommendations for risk mitigation.
9 - Security Architecture Review:
- Participate in security architecture reviews to ensure that new systems and applications are designed with security in mind.
10 - Collaboration and Communication:
- Collaborate with other IT teams, including network administrators, system administrators, and developers, to implement security measures.
- Communicate security risks and recommendations to senior management.
11 - Emerging Threat Research:
- Stay up-to-date with emerging threats and security technologies.
- Research and test new security tools and methodologies.
12 - Documentation and Reporting:
- Maintain detailed records of security incidents, investigations, and security policies.
- Prepare and present reports to management on security vulnerabilities, incidents, and risk assessments.
13 - Security Awareness Programs:
- Develop and deliver security awareness programs to educate employees about security threats and best practices.
The ideal candidates will have:
- In-depth knowledge of cybersecurity principles, best practices, and frameworks (e.g. ISO 27001).
- Experience with security incident response, including identifying, analyzing, and mitigating security incidents and breaches.
- Understanding of security technologies, such as firewalls, IDS/IPS, Azure Sentinel (Security Information and Event Management), Defender for Endpoint, and Azure Defender for Cloud.
- Proficiency in Azure log analysis, threat hunting, and vulnerability management.
- Knowledge of security assessments and audits, including penetration testing, vulnerability scanning, and compliance assessments.
- Familiarity with cloud security concepts and practices specific to Azure, including Azure Security Center, Azure Sentinel, and Azure AD security.
- Understanding of regulatory compliance requirements, such as GDPR, HIPAA, or PCI-DSS, and their implications for security operations.
- Complete understanding of Azure Identity and Access Management, Threat Protection, Azure Cloud Security, Azure Information Protection, Azure Discover and Respond, and Azure Information Governance.
- Strong analytical and critical-thinking skills, with the ability to identify and respond to emerging security threats and trends.