Cyber Security Specialist (SOC / Incident Response)

Job Title: Cyber Security Specialist (SOC / Incident Response)

Experience: 7–9 Years
Location: Pakistan (Hybrid) (UAE Business Hours)
Employment Type: Full-Time

Job Summary

We are seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE. This role is operational and hands-on, focusing on SIEM monitoring, incident triage/response, EDR operations, vulnerability management coordination, and maintaining compliance-aligned security operations in line with ISO 27001, SOC2, PCI/DSS, etc.

Key Responsibilities

• Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling
• Execute incident response activities: triage, containment coordination, evidence capture, and support for root-cause analysis
• Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support
• Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification
• Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents
• Maintain incident response playbooks, operational SOPs, and case documentation with high-quality reporting
• Support ISO 2700, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution
• Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes

Required Skills & Qualifications

• 7–8 years of experience in SOC / Cyber Security Operations / Incident Response
• Strong hands-on experience with SIEM operations (alerts, use-cases, dashboards, reporting)
• Strong working experience with EDR tools and endpoint investigation fundamentals
• Practical understanding of incident response lifecycle and operational documentation discipline
• Experience coordinating remediation with cross-functional teams in hybrid/on-prem environments
• Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence)

Preferred Certifications

• CompTIA Security+, CySA+, CEH
• CISSP or CISM

PCI DSS / Payment Security:

• PCIP (ISA) – PCI Professional (Internal Security Assessor)
• Qualified Security Assessor (QSA) (where applicable/available)

Incident / Detection (strong alignment with PCI monitoring requirements):

• GIAC certifications (GCIA, GCIH, GCED)

Cloud Security:

• AWS Certified Security – Specialty
• AWS Certified Solutions Architect – Associate
• Microsoft Azure Security Engineer Associate (AZ-500)

Good to Have

• Telecom, Government or regulated sector experience in security operations
• Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering
• Scripting/automation exposure for reporting and operational efficiency