SOC Level3 (DFIR) Job in United Arab Emirates
Callsign, United Arab Emirates

1 Year
Associate Degree
Total Vacancies: 1 Job
Posted on: Feb 23, 2021
Last Date: May 23, 2021

Job Description

We are looking for a capable, motivated, and deeply technical L3 SOC Analyst (Digital Forensics and Incident Response - DFIR) who enjoys security work, professional development, and proactive security. This position is for an experienced cyber security specialist with a background in digital forensics and incident response.

The L3 SOC Analyst (DFIR) will be responsible for responding to and analysing security incidents, conducting forensic investigations across a complex multi-cloud environment, and supporting threat hunting cycles and purple team engagements. The L3 SOC Analyst (DFIR) will also be required to attend and host tabletop incident exercises, and to create and maintain response runbooks.


  • Security monitoring and incident handling across a complex network
  • Use case development of detection analytics
  • Attending and participating in threat modelling sessions
  • Participate as a member of the C/SIRT to respond to security incidents
  • Purple team exercises to identify gaps in detections and detection analytics development
  • Research of current threats and trends affecting the organisation and its customers
  • Mentor junior analysts
  • Conduct forensic activities including acquisition, analysis, and reporting across Linux, OSX, and Windows systems
  • Develop and test incident response playbooks through TTX
  • Maintain, develop, and test DFIR tools and techniques


  • SOC / Pen-Tester / Purple Team / Threat Intelligence / Threat Hunting / DFIR background
  • Hold at least two of the following certifications (or be working toward them, or hold similar ones):
      o GIAC Certified Intrusion Analyst (GCIA)
      o GIAC Certified Incident Handler (GCIH)
      o GIAC Certified Forensic Examiner (GCFE)
      o GIAC Certified Forensic Analyst (GCFA)
      o GIAC Continuous Monitoring (GMON)
      o GIAC Defending Advanced Threats (GDAT)
      o GIAC Certified Detection Analyst (GCDA)
      o CREST Certified Threat Intelligence Analyst
      o CREST Certified Intrusion Analyst
      o Offensive Security Certified Professional (OSCP)
      o Azure Security Engineer (AZ500)

  • Be able to commute to Abu Dhabi, UAE at least 3 times per week
  • Be willing to work on a full-time permanent basis
  • Minimum of 2 years' experience within a similar role
  • Experience in forensics, threat intelligence, incident response
  • Ability to understand and create detection rules in a SIEM
  • Experience with Splunk, Azure Sentinel, ELK, Kansa, Timeline Explorer, SIFT, Sleuth Kit, and EDR is a bonus

Job Specification


Information Technology and Services - Dubai, United Arab Emirates