Cyber Security Specialist (SOC / Incident Response)

  Job Title: Cyber Security Specialist (SOC / Incident Response) Experience: 7–9 Years Location: India - Remote (UAE Business Hours) Employment Type: Full-Time Job Summary We are seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE.

This role is operational and hands-on, focusing on SIEM monitoring, incident triage/response, EDR operations, vulnerability management coordination, and maintaining compliance-aligned security operations in line with ISO 27001, SOC2, PCI/DSS, etc.

Key Responsibilities Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling Execute incident response activities: triage, containment coordination, evidence capture, and support for root-cause analysis Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents Maintain incident response playbooks, operational SOPs, and case documentation with high-quality reporting Support ISO 2700, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes Required Skills & Qualifications 7–8 years of experience in SOC / Cyber Security Operations / Incident Response Strong hands-on experience with SIEM operations (alerts, use-cases, dashboards, reporting) Strong working experience with EDR tools and endpoint investigation fundamentals Practical understanding of incident response lifecycle and operational documentation discipline Experience coordinating remediation with cross-functional teams in hybrid/on-prem environments Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence) Preferred Certifications CompTIA Security+, CySA+, CEH CISSP or CISM PCI DSS / Payment Security: PCIP (ISA) – PCI Professional (Internal Security Assessor) Qualified Security Assessor (QSA) (where applicable/available) Incident / Detection (strong alignment with PCI monitoring requirements): GIAC certifications (GCIA, GCIH, GCED) Cloud Security: AWS Certified Security – Specialty AWS Certified Solutions Architect – Associate Microsoft Azure Security Engineer Associate (AZ-500) Good to Have Telecom, Government or regulated sector experience in security operations Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering Scripting/automation exposure for reporting and operational efficiency Powered by JazzHR