
SECURITY ARCHITECT

Atos

Dubai · On-site · Full-Time · 3w ago

Description

About Atos Group

Atos Group is a global leader in digital transformation with c. 56,000 employees and annual revenue of c. €7.2 billion (at the go-forward perimeter), operating in 54 countries under two brands - Atos for services and Eviden for products and systems. European number one in cybersecurity and a leader in cloud, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE is listed on Euronext Paris.

The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

SOC Administrator / Senior SOC Analyst

Role Summary

We are looking for an experienced SOC Administrator / Senior SOC Analyst with strong hands-on experience in ArcSight SIEM administration, SOC operations, incident investigation, SIEM engineering, threat hunting, and security solutioning.

The candidate will be deployed onsite at a customer location and will act as a senior technical security resource responsible for managing SIEM operations, supporting L1/L2 analysts, handling advanced investigations, maintaining security tools, improving detection use cases, and advising the customer on security operations decisions.

This role requires a technically strong, confident, soft-spoken, and customer-facing professional who can take initiative, communicate clearly, and help the customer make practical cybersecurity decisions.

Key Responsibilities

SOC Administration & SIEM Management

  • Administer and manage ArcSight ESM, ArcSight Logger, Elasticsearch, SmartConnectors, content packs, rules, dashboards, reports, active channels, filters, and correlation use cases.
  • Monitor SIEM platform health, connector status, event flow, EPS utilization, storage, parsing quality, and log source availability.
  • Troubleshoot log ingestion issues, connector failures, parsing errors, event normalization issues, and correlation rule performance problems.
  • Perform SIEM tuning to reduce false positives and improve detection accuracy.
  • Develop and maintain SIEM content including correlation rules, dashboards, reports, threat use cases, and alert workflows.
  • Support onboarding of new log sources including network devices, servers, cloud platforms, EDR, AV, IAM, and application logs.
  • Maintain documentation for SIEM architecture, log source inventory, use cases, SOPs, escalation matrix, and operational runbooks.

SOC L3 Operations & Incident Response

  • Perform deep-dive analysis of security alerts, suspicious activities, malware detections, endpoint events, cloud events, and network anomalies.
  • Lead incident triage, validation, containment recommendations, root cause analysis, and post-incident reporting.
  • Review and improve SOC investigation workflows, alert handling procedures, and escalation processes.
  • Perform threat hunting across SIEM, EDR, endpoint, cloud, firewall, proxy, DNS, identity, and email security logs.
  • Support customer security teams during major incidents, audit queries, and security improvement initiatives.

SIEM Engineering & Detection Engineering

  • Design, develop, and enhance security monitoring use cases aligned with MITRE ATT&CK, current threat trends, and customer risk priorities.
  • Translate business and technical risks into actionable SIEM detection logic.
  • Create and tune detection rules for endpoint threats, privilege abuse, lateral movement, brute force, suspicious cloud activity, data exfiltration, malware, ransomware,
