Senior SOC Analyst
ملخص الوظيفة
Job Description
Senior SOC Analyst
Managed Security Services Security Operations Centre
Location: UAE / Middle East (On-site / Shift-based)
Employment Type: Full-Time
Department: Managed Security Services SOC
Experience: 36 Years (SOC / Security Operations)
Reports To: SOC Team Lead
ABOUT ITHR
ITHR Technologies Consulting LLC is a technology consulting and professional services organisation supporting enterprises across the UAE and Middle East with digital transformation cybersecurity ERP implementation talent solutions managed services and custom application development.
Our cybersecurity practice provides a comprehensive portfolio of services including Managed SOC Digital Forensics & Incident Response (DFIR) Vulnerability Assessment & Penetration Testing (VAPT) Network Security Brand Protection Security Advisory and Managed Security Services.
Our Managed SOC provides 24/7 threat monitoring detection and response capabilities to customers across the region. As we continue expanding our cybersecurity managed services portfolio we are looking for an experienced Senior SOC Analyst to strengthen our Security Operations Centre and deliver high-quality threat detection investigation and incident response services.
ROLE OVERVIEW
We are looking for a technically strong and experienced Senior SOC Analyst to join the ITHR Security Operations team.
This is a hands-on L3-level role where you will own complex alert investigations lead incident response activities conduct proactive threat hunting and continuously improve detection capabilities across customer environments.
As a senior member of the SOC you will act as the escalation point for junior analysts contribute to playbook development and maintain the quality and consistency of SOC deliverables including customer reporting and post-incident documentation.
This role is ideal for professionals who thrive in a fast-paced multi-customer MSSP environment and are passionate about solving real-world security incidents.
KEY RESPONSIBILITIES
Perform in-depth triage investigation and analysis of security alerts across multiple customer SIEM environments.
Act as the L3 escalation point for complex or high-severity incidents escalated by L1/L2 analysts.
Lead incident response activities including containment eradication recovery and post-incident review.
Conduct proactive threat hunting using MITRE ATT&CK threat intelligence and customer-specific risk profiles.
Develop and tune SIEM detection rules correlation logic and alert thresholds.
Develop and maintain SOC runbooks and incident response playbooks.
Produce high-quality incident reports suitable for both technical and business audiences.
Integrate and operationalise threat intelligence including IOCs TTPs and threat actor profiles.
Investigate activity across EDR network identity cloud and application log sources.
Mentor and guide L1 and L2 analysts through technical coaching and case reviews.
Support customer onboarding including log source validation baseline reviews and detection use case configuration.
Participate in shift handovers ensuring complete transfer of active investigations and operational awareness.
REQUIRED QUALIFICATIONS (MUST-HAVE)
36 years of hands-on SOC or Security Operations experience.
Minimum 12 years operating at an L2/L3 level.
Strong experience performing alert triage incident investigation and response.
MSSP experience is highly desirable.
Hands-on experience with one or more SIEM platforms:
Microsoft Sentinel
Splunk
IBM QRadar
Elastic SIEM
Experience with EDR solutions including:
CrowdStrike Falcon
SentinelOne
Microsoft Defender for Endpoint
Strong understanding of MITRE ATT&CK.
Solid knowledge of TCP/IP DNS HTTP/S firewalls proxies and network attack techniques.
Experience analysing Windows and Linux artefacts including event logs process trees registry persistence mechanisms and scheduled tasks.
Excellent documentation and customer reporting skills.
Must possess at least one of the mandatory certifications listed below.
CERTIFICATIONS
Mandatory (At least one required):
Blue Team Level 2 (BTL2)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
CompTIA CASP
Advantageous:
Blue Team Level 1 (BTL1)
Microsoft SC-200 Security Operations Analyst
EC-Council Certified SOC Analyst (CSA)
CompTIA CySA
GIAC Cyber Threat Intelligence (GCTI)
PREFERRED QUALIFICATIONS (NICE-TO-HAVE)
MSSP or multi-tenant SOC experience.
Experience with SOAR platforms such as Microsoft Sentinel SOAR Palo Alto XSOAR or Splunk SOAR.
Cloud security monitoring experience across Azure AWS or GCP.
Basic digital forensics experience.
Experience using Threat Intelligence Platforms such as MISP OpenCTI or Recorded Future.
Scripting skills using Python PowerShell or KQL.
Experience supporting customers across the UAE or Middle East.
Familiarity with regional compliance frameworks such as UAE IA NESA or SAMA.
SOFT SKILLS
Strong analytical and investigative mindset.
Calm under pressure during major incidents.
Passion for continuous learning and threat research.
Excellent verbal and written communication skills.
Team player with mentoring capabilities.
High attention to detail and documentation quality.
WHAT WE OFFER
Competitive salary aligned with experience and certifications.
Annual training and certification budget.
Exposure to genuine enterprise cyber incidents across multiple industries.
Opportunity to work with advanced SIEM SOAR EDR and Threat Intelligence platforms.
Clear career progression into:
SOC Team Lead
Detection Engineer
DFIR Analyst
Cybersecurity Consultant
Required Experience:
Senior IC
عن الشركة
Qode is dedicated to helping technical talent around the world find meaningful careers that match their skills and interests. Our platform provides a range of resources and tools that empower job seekers to take control of their careers and connect with top employers across a variety ... اعرض المزيد