Security Operations Center Analyst

Job Description

SOC Analyst

Role Overview

We are seeking a highly skilled SOC Analyst to protect enterprise information systems by identifying, assessing, and mitigating security risks. This role is critical to monitoring, analyzing, and responding to security incidents, strengthening defensive controls, and ensuring compliance with applicable security standards and regulations.

The ideal candidate is proactive, detail-oriented, and brings strong technical expertise combined with a structured investigative mindset.

Key Responsibilities

• Monitor SIEM dashboards (e.g., Microsoft Sentinel) and security alerts in real time
• Analyze events from security platforms such as Microsoft Defender
• Detect suspicious activity, anomalies, and policy violations

• Perform initial investigation and classification of alerts (false positives vs. true positives)
• Collect and analyze logs, event data, reputational intelligence, and indicators of compromise (IOCs)
• Escalate confirmed or high-severity incidents to L2/L3 teams with complete documentation
• Execute predefined response actions such as endpoint isolation, password resets, and IP blocking

• Validate IOC hits against threat intelligence sources
• Analyze phishing attempts, malware infections, malicious URLs/attachments, credential harvesting, and unauthorized access
• Identify alert patterns and trends to support early threat detection

• Create detailed incident tickets and investigation notes
• Conduct root cause analysis and document incident reports with remediation recommendations
• Maintain accurate incident timelines and status updates
• Produce reports on recurring or emerging security issues

• Work closely with the Security Operations and internal IT teams
• Communicate with users to validate suspicious activities and login events
• Follow established SOPs and contribute to process and control improvements

• Conduct security awareness training (e.g., phishing prevention, password hygiene)
• Develop and share educational materials on emerging cyber threats

• Stay current with evolving threats, vulnerabilities, and attack techniques
• Analyze threat intelligence feeds and reports to enhance the organization's security posture

• Bachelor's degree in Engineering, Computer Science, or a related field
• 5–7 years of experience in SOC operations
• 3+ years of hands-on experience in SOC, Blue Team, or Security Engineering roles
• Strong experience with Microsoft Sentinel, Microsoft Defender, incident management, and compromised account recovery

• Strong understanding of TCP/IP, Windows and Linux internals
• Experience with AWS and Azure security controls
• Scripting and automation skills (Python, PowerShell, or Bash)
• Familiarity with MITRE ATT&CK, threat-hunting techniques, and detection engineering

• CompTIA Security+
• Microsoft SC-200
• CEH
• CCNA or CCNP (Security)

• Strong analytical and investigative mindset
• Excellent written and verbal communication skills, including executive reporting
• Ability to multitask and perform effectively in high-pressure environments

• Experience working on Zero Trust security architecture initiatives
• Knowledge of UAE PDPL, GDPR, or other privacy regulations