Security Analyst L2 (Tier 2 SOC Analyst)

iConnect IT Business Solutions DMCC

Dubai | On-site | Full-Time | 3w ago

Description

As a Security Analyst L2, you will serve as the escalation point for Tier 1 analysts, performing deep-dive investigations, threat hunting, and leading incident response activities across a portfolio of client environments in a fast-paced managed security operation.

Key Details

  • Location: Dubai, UAE (Candidates must be currently based in the UAE)
  • Experience: 4–7 years in SOC, incident response, or cybersecurity operations
  • Availability: Immediate joiners preferred
  • Work Schedule: Rotating shifts with on-call responsibilities
  • Education: Bachelor's degree in IT, Cybersecurity, Computer Science, or related field
  • Compensation: Competitive market package

Core Responsibilities

  • Incident Investigation: Perform in-depth analysis of escalated alerts, determining scope, root cause, and business impact through multi-source log correlation and telemetry review
  • Threat Hunting: Proactively search for indicators of compromise and hidden threats across client environments using behavioral analytics and threat intelligence
  • Incident Response: Lead containment, eradication, and recovery activities for confirmed security incidents; coordinate actions across client and internal teams
  • Malware Analysis: Conduct basic static and dynamic analysis of suspicious files and artifacts
  • SIEM Health & Tuning: Support SIEM health monitoring, log source onboarding troubleshooting, and detection rule tuning to reduce false positives and improve signal quality
  • Playbook Development: Author, maintain, and refine SOC runbooks, correlation rules, and response procedures based on emerging threats and lessons learned
  • Client Reporting: Produce clear incident reports, post-incident summaries, and, where required, executive-level dashboards for client stakeholders
  • Mentoring: Guide and support L1 analysts on triage techniques, escalation decisions, and investigative methodology

Technical Skills & Qualifications

  • Advanced experience with SIEM platforms including log correlation, parser management, and detection rule tuning
  • Strong knowledge of endpoint, network, email, and cloud security telemetry (Azure, Microsoft 365, Entra ID)
  • Hands-on experience with EDR platforms, packet analysis (Wireshark), and forensic investigation tools
  • Solid understanding of the full attack lifecycle, MITRE ATT&CK, and threat intelligence frameworks
  • Experience with root cause analysis across multi-source telemetry in complex, multi-client environments
  • Familiarity with scripting (Python, PowerShell) for alert automation, investigation support, and workflow improvement
  • Experience with ticketing and case management platforms
  • Relevant certifications preferred: CySA+, GCIH, GCFE, CEH, or equivalent
  • Strong analytical mindset with the ability to lead investigations independently under pressure
  • Hands-on experience with network security technologies including firewalls, IDS/IPS, VPNs, and network traffic analysis for threat detection and incident response