Information Security Specialist
Skills
About This Role
Overview
- Actively monitor the networks, systems, applications, IT assets and bio-medical equipment’s for suspicious activity and threats.
- Using offensive and defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or may occur within the network and make the initial decision on the event/ threat severity.
- Manage network, intrusion detection and prevention systems.
- Conduct periodic compromise assessments across selected networks and propose recommendations based on assessment results.
- Conduct physical security assessment of the organization’s systems, including servers and networks, ensuring that any unauthorized external physical interference is not actually possible.
- Conduct ongoing network hunt activities.
- Conduct proactive vulnerability assessment across the network, subnetworks and service traffic to identify potential points of intrusion.
- Research and develop methods of tracking and detecting malicious activity within a network.
- Develop tools, signatures, and methods of detection for use in incident response activities.
- Develop SIEM integrations, dashboards, and analytics to illuminate and visualize threat activity.
- Analyze network traffic to provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
- Uses data collected from a variety of cyber defense tools (e.g., anti-virus, IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments, perform cyber defense trend analysis and reporting, and perform event correlation to mitigate threats and gain situational awareness and determine the effectiveness of an observed attack.
- Carries out triage to ensure that a genuine security incident is occurring.
- Coordinate with entity-wide cyber defense staff to validate network alerts.
- Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event’s history, status, and potential impact for further action in accordance with the organization’s cyber incident response plan.
- Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
- Provide daily summary reports of network events and activity relevant to cyber defense practices.
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
- Validate intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
- Isolate and remove malware.
- Develop content for cyber defense tools use them for continual monitoring and analysis of network activity to identify malicious activity.
- Assist in the construction of signatures which can be implemented on cyber defense tools in response to new or observed threats within the network environment.
- Analyze and report organizational security posture trends.
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus, Threat Intelligence Providers) to maintain updated of cyber defense threat condition and determine which security issues may have an impact on the enterprise.
- Provides cybersecurity recommendations based on significant threats and vulnerabilities.
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operational Plans.
- Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber incidents within the enterprise.
- Use specialized equipment and techniques to catalog, document, extract, collect, package, and preserve digital evidence.
- Utilize deployable forensics toolkit to support operations as necessary
Knowledge
- Security concepts such as cyber-attacks and techniques, threat vectors, risk and threat management, incident management etc.
- Networking concepts and protocols, and network security attacks, vulnerabilities, processes, methodologies, access control mechanisms, traffic analysis methods.
- Cyber threats and vulnerabilities and information dissemination sources (e.g., alerts and advisories).
- Cyber defense and vulnerability assessment tools and their capabilities.
- System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Scripting languages (e.g., Python, Perl, Bash) used in an incident response environment
- Incident response and handling methodologies.
- Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools, applications, methodologies and techniques for detecting host and network-based intrusions.
- Threat investigations, reporting and investigative tools.
- Cyber defense and information security policies, procedures, and regulations.
- Common attack vectors, the different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks) and attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
- Cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored), and attackers’ methodologies.
- Signature implementation impact for viruses, malware, and attacks.
- Windows/Unix ports and services.
- Relevant laws, legal authorities, restrictions, and regulations pertaining to cyber defense activities.
- Packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- Use of sub-netting tools.
- Penetration testing principles, tools, and techniques.
- Investigation, auditing and forensics methods, processes, procedures and standards.
- Different types of hardware, storage, imaging and file system analysis.
- Data backup and recovery.
Skills
- Using SIEM/SOAR and Vulnerability Management tools and services.
- Sysadmin skills (Linux/Mac/Windows).
- Programming skills (Python, Ruby, PHP, C, C#, Java, Perl, and more).
- Identifying, analyzing and interpreting trends or patterns in complex data sets.
- Developing and deploying signatures.
- Detecting host and network-based intrusions via intrusion detection technologies (e.g., Snort).
- Using incident handling methodologies.
- Collecting data from a variety of cyber defense resources.
- Recognizing and categorizing types of vulnerabilities and associated attacks.
- Performing packet-level analysis.
- Conducting trend analysis.
- Using cyber defense reporting structure and processes.
- Utilizing a combination of automated and manual testing methods.
- Developing automated vulnerability testing scripts and using off the shelf vulnerability testing tools.
- Conducting vulnerability scans and recognizing vulnerabilities in networks, systems and applications.
- Using of penetration testing tools and techniques.
- Applying analytical and problem-solving skills.
Ability
- Collaborate with other sections across the department to enhance detection capabilities.
- Perform Malware analysis.
- Work closely with management to respond appropriately to the results of assessments and mitigation oversight of found vulnerabilities.
- Perform data analysis, correlation, and analytics leveraging Security Information and Event Management (SIEM) tools.
- Conduct vulnerability scans and recognize vulnerabilities in security systems & devices.
- Accurately and completely source all data used in intelligence, assessment and/or planning products.
- Apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
- Interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
- Prepare and create regular reports to document any security breaches/ incidents.
- Provide forensic support to Cyber Security Operations during the investigation of any detected threat or contained incident / event to determine root cause and propose response recommendations as required.
Education and Certification
- Bachelor’s degree in an information technology, computer science, cyber security or equivalent work experience.
- CompTIA Security+
Experience
- 3 years of experience in cyber security operations with expertise in managing the Security Operations Center
- UAE experience preferred.
Your resume, rewritten
for this exact role.
Sign up free — Base Career tailors your CV to this job description in 60 seconds.
01 / 05
Resume Tailored to This Job
Your keywords, structure, and story — rewritten to match this exact role and pass ATS filters.
Free · No card · 60 seconds
02 / 05
Cover Letter for This Role, Done
Job-specific cover letters written in Gulf professional tone — ready in seconds, not hours.
Free · No card · 60 seconds
03 / 05
See How Well You Fit This Role
AI match score with clear reasons — know your fit before investing time in the application.
Free · No card · 60 seconds
04 / 05
Apply in One Click
Autofill any application form on Workday, LinkedIn, Bayt, Greenhouse — with your tailored content.
Free · No card · 60 seconds
05 / 05
Track It. Follow Up at the Right Time.
Visual pipeline for every application with AI-timed follow-up reminders so nothing slips.
Free · No card · 60 seconds
Similar Jobs
Senior Analyst, Information Security
M42 Health · Abu Dhabi
Overview M42 is a global health champion powered by artificial intelligence (AI), technology and genomics to advance innovation in health for people and the planet. Headquartered in Abu Dhabi, M42 combines its specialize
Skills
Yesterday
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speakers)
REACH Group · Abu Dhabi
Location: Abu Dhabi Duration: Yearly Renewable Contract Qualifications Expertise in Application Security and Information Security practices Strong knowledge of Cybersecurity and Network Security methodologies Experien
Skills
3 days ago
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speaker)
Dicetek LLC · Dubai
Ensure secure digital systems, manage information security projects, and maintain compliance with cybersecurity standards; requires a degree and relevant certifications.
Skills
4 days ago
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speaker)
Dicetek LLC · Dubai
Information Security Engineer Ensure The Following All digital systems and services are secure by design. Risk-based security controls are included across systems and networks. The enterprise architecture is aligned w
Skills
4 days ago
Apply Now↗Apply Now ↗Information Security Governance & Business Continuity Consultant
iConnect IT Business Solutions DMCC · Abu Dhabi
We are looking for a senior Information Security Governance & Business Continuity Consultant to take full ownership of governance, compliance, audit coordination, and enterprise resilience activities. The role covers Inf
Skills
5 days ago
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speaker)
DICETEK LLC · Dubai
Information Security Engineer Ensure the following: All digital systems and services are secure by design. Risk-based security controls are included across systems and networks. The enterprise architecture is aligned
Skills
5 days ago
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speaker)
DICETEK LLC · Dubai
Information Security Engineer Ensure the following: All digital systems and services are secure by design. Risk-based security controls are included across systems and networks. The enterprise architecture is aligned
Skills
5 days ago
Apply Now↗Apply Now ↗Information Security Manager
ARENGY · Dubai
ARENGY is a Digital and Cybersecurity Consulting Company operating in the Middle East from Dubai. Our customers are the most successful industry leaders executing projects around the globe. We are partnering with one of
Skills
5 days ago
Apply Now↗Apply Now ↗Information Security Engineer (Arabic Speaker)
DICETEK LLC · Dubai
Information Security Engineer Ensure the following: All digital systems and services are secure by design. Risk-based security controls are included across systems and networks. The enterprise architecture is aligned
Skills
5 days ago
Apply Now↗Apply Now ↗2.2K+
Cover Letters & Follow-ups
1.8K+
Resumes Tailored
190.5K+
Jobs Tracked
Trusted by professionals at
Stop applying blindly.
Start getting hired.
Base Career automates the hardest parts of job searching — apply smarter, not harder.
AI Resume in 60s
Your resume rewritten for this exact role using the job description as the brief.
ATS-Optimized
Get past automated screening filters with the right keywords matched to each job.
Application Tracker
Track every job, follow-up, and interview in one visual kanban board.
Free plan · No credit card required