Cyber Security and Threat Monitoring Specialist - SOC (m/f/d)

Role Purpose

Siem Monitoring & Alert Triage

• Monitor and analyze security alerts using SIEM platforms such as:
• + Splunk
• + Microsoft Sentinel
• + IBM QRadar
• Perform alert triage, validation, and prioritization based on severity and business impact
• Investigate security events including:
• + Suspicious login activities
• + Malware detections
• + Network anomalies
• + Data exfiltration indicators
• Correlate events from multiple sources (logs, endpoints, network devices) to identify potential threats

Incident Response & Coordination

• Coordinate and support incident response activities in line with NIST SP 800-61 guidelines
• Perform initial containment, eradication, and recovery actions where applicable
• Work with internal teams (IT, Infrastructure, Risk) and external vendors during incident handling
• Document incidents, response actions, and lessons learned
• Ensure timely escalation of critical incidents to senior stakeholders

Threat Intelligence & Reporting

• Generate threat intelligence reports and dashboards for:

+ Chief Information Security Officer (CISO)

• + Risk and governance committees
• Track and report on:
• + Threat trends
• + Attack patterns
• + Incident metrics (MTTR, MTTA, etc.)
• Leverage threat intelligence feeds to enhance detection capabilities
• Provide actionable recommendations to improve security posture

Security Operations & Continuous Improvement

• Fine-tune SIEM rules and use cases to reduce false positives and improve detection accuracy
• Participate in threat hunting activities to proactively identify hidden threats
• Support development of playbooks and runbooks for incident response
• Contribute to continuous improvement of SOC processes and controls

Compliance & Documentation

• Ensure security monitoring activities align with:
• + Internal security policies
• + Banking regulatory requirements
• Maintain accurate documentation of alerts, incidents, and investigations
• Support audits and compliance reporting

Education

• Bachelor’s degree in:
• + Cybersecurity
• + Information Technology
• + Computer Science or related field

Experience

• 5-8+ years of experience in:
• + Security Operations Center (SOC) or Cybersecurity Operations
• Hands-on experience with:
• + SIEM tools (Splunk, Sentinel, QRadar)
• + Incident response handling in enterprise environments
• Experience in banking or financial services is highly preferred

Technical Skills

• Strong understanding of:
• + Security event analysis and log correlation
• + Network protocols, endpoints, and attack vectors
• Familiarity with:
• + MITRE ATT&CK framework
• + Threat intelligence platforms and feeds
• + Incident response frameworks (NIST, ISO 27035)

Soft Skills

• Strong analytical and problem-solving skills
• Ability to prioritize and respond under pressure
• Clear and concise communication skills for reporting to leadership
• Attention to detail and investigative mindset

• Risk Awareness & Escalation

• Stakeholder Communication

Ideal Candidate Profile

• Hands-on SOC experience with enterprise SIEM tools
• Strong analytical mindset with investigative capabilities
• Ability to clearly communicate technical findings to non-technical stakeholders
• Experience working in regulated environments such as banking or financial services
• Cyber Security and Threat Monitoring Specialist - SOC in Abu Dhabi, United Arab Emirates