Cyber Security Specialist (SOC / Incident Response)

Remote

Full Time

Mid Level

Job Title: Cyber Security Specialist (SOC / Incident Response)

Experience: 7–9 Years
Location: India - Remote (UAE Business Hours)
Employment Type: Full-Time

Job Summary

We are seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE. This role is operational and hands-on, focusing on SIEM monitoring, incident triage/response, EDR operations, vulnerability management coordination, and maintaining compliance-aligned security operations in line with ISO 27001, SOC2, PCI/DSS, etc.

Key Responsibilities

Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling
Execute incident response activities: triage, containment coordination, evidence capture, and support for root-cause analysis
Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support
Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification
Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents
Maintain incident response playbooks, operational SOPs, and case documentation with high-quality reporting
Support ISO 2700, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution
Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes

Required Skills & Qualifications

7–8 years of experience in SOC / Cyber Security Operations / Incident Response
Strong hands-on experience with SIEM operations (alerts, use-cases, dashboards, reporting)
Strong working experience with EDR tools and endpoint investigation fundamentals
Practical understanding of incident response lifecycle and operational documentation discipline
Experience coordinating remediation with cross-functional teams in hybrid/on-prem environments
Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence)

Preferred Certifications

CompTIA Security+, CySA+, CEH
CISSP or CISM

PCI DSS / Payment Security:

PCIP (ISA) – PCI Professional (Internal Security Assessor)
Qualified Security Assessor (QSA) (where applicable/available)

Incident / Detection (strong alignment with PCI monitoring requirements):

GIAC certifications (GCIA, GCIH, GCED)

Cloud Security:

AWS Certified Security – Specialty
AWS Certified Solutions Architect – Associate
Microsoft Azure Security Engineer Associate (AZ-500)

Good to Have

Telecom, Government or regulated sector experience in security operations
Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering
Scripting/automation exposure for reporting and operational efficiency

Apply for this position

Required*

First Name*

Last Name*

Email Address*

Phone*

Address

Resume*

We've received your resume. Click here to update it.

Attach resume or Paste resume

Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

How many years of hands-on experience do you have in SOC, Cyber Security Operations, or Incident Response?

What best describes your experience with SIEM operations in a production SOC?

What is your level of hands-on experience with EDR tools?

Which option best describes your involvement in incident response activities?

Which compliance frameworks have you directly supported operationally (logging, incidents, evidence, reporting)?

Are you willing to work with in a salary range between 30 and 32 LPA in INR? YesNo

Human Check*

Submit Application