Security Analyst L2 (Tier 2 SOC Analyst)
iConnect IT Business Solutions DMCC
Dubai · On-site · Full-Time · 3w ago
Description
As a Security Analyst L2, you will serve as the escalation point for Tier 1 analysts, performing deep-dive investigations, threat hunting, and leading incident response activities across a portfolio of client environments in a fast-paced managed security operation.
Key Details
- Location: Dubai, UAE (Candidates must be currently based in the UAE)
- Experience: 4–7 years in SOC, incident response, or cybersecurity operations
- Availability: Immediate joiners preferred
- Work Schedule: Rotating shifts with on-call responsibilities
- Education: Bachelor's degree in IT, Cybersecurity, Computer Science, or related field
- Compensation: Competitive market package
Core Responsibilities
- Incident Investigation: Perform in-depth analysis of escalated alerts, determining scope, root cause, and business impact through multi-source log correlation and telemetry review
- Threat Hunting: Proactively search for indicators of compromise and hidden threats across client environments using behavioral analytics and threat intelligence
- Incident Response: Lead containment, eradication, and recovery activities for confirmed security incidents; coordinate actions across client and internal teams
- Malware Analysis: Conduct basic static and dynamic analysis of suspicious files and artifacts
- SIEM Health & Tuning: Support SIEM health monitoring, log source onboarding troubleshooting, and detection rule tuning to reduce false positives and improve signal quality
- Playbook Development: Author, maintain, and refine SOC runbooks, correlation rules, and response procedures based on emerging threats and lessons learned
- Client Reporting: Produce clear incident reports, post-incident summaries, and where required, executive-level dashboards for client stakeholders
- Mentoring: Guide and support L1 analysts on triage techniques, escalation decisions, and investigative methodology
Technical Skills & Qualifications
- Advanced experience with SIEM platforms including log correlation, parser management, and detection rule tuning
- Strong knowledge of endpoint, network, email, and cloud security telemetry (Azure, Microsoft 365, Entra ID)
- Hands-on experience with EDR platforms, packet analysis (Wireshark), and forensic investigation tools
- Solid understanding of the full attack lifecycle, MITRE ATT&CK, and threat intelligence frameworks
- Experience with root cause analysis across multi-source telemetry in complex, multi-client environments
- Familiarity with scripting (Python, PowerShell) for alert automation, investigation support, and workflow improvement
- Experience with ticketing and case management platforms
- Relevant certifications preferred: CySA+, GCIH, GCFE, CEH, or equivalent
- Strong analytical mindset with the ability to lead investigations independently under pressure
- Hands-on experience with network security technologies including firewalls, IDS/IPS, VPNs, and network traffic analysis for threat detection and incident response