Skills:
Cybersecurity Operations, Incident Response, Security Policy Administration, Control Management, System Health Monitoring, Security Platform, Patch, Upgrade
Cyber Security L2 Engineer (Security Operations)
Role Purpose
- The Cyber Security L2 Analyst will be part of the organization's enterprise-grade Security Operations function, responsible for day-to-day operational security monitoring, incident handling, and control administration across a diverse enterprise security landscape.
- The role is operations-centric. Hands-on experience in Security Operations, Incident Response, and control management is mandatory.
- Product-specific expertise, with familiarity expected at the L2 operational level, in enterprise security technologies across key areas including, but not limited to, Perimeter Security, Endpoint Security, Email Security, Data Security, Application Security, and Threat & Vulnerability Management.
Key Responsibilities
- Security Operations & Incident Response (Core Responsibility)
  - Perform L2-level incident investigation and response across security platforms and infrastructure.
  - Analyze alerts, logs, and events to determine root cause, impact, and containment actions.
  - Support incident escalation, coordination, and resolution in line with defined SLAs.
  - Assist in incident analysis and support post-incident reviews and RCA documentation.
- Security Policy Administration & Control Management
  - Administer, review, and fine-tune security policies, rules, and configurations across deployed security controls.
  - Ensure policies align with organization security standards, compliance requirements, and risk posture.
  - Support implementation of new security controls and enhancements as per approved designs.
- Security Platform & System Health Monitoring
  - Monitor health, performance, and availability of security appliances and platforms.
  - Identify and proactively address issues related to capacity, stability, or degradation.
  - Coordinate with vendors and internal teams for issue resolution when required.
- Patch, Upgrade & Version Management
  - Support patching, upgrades, and version lifecycle management for security products (with OEM Support).
  - Validate post-patch / post-upgrade stability and security posture.
  - Ensure changes follow Change Management and ITIL processes.
- Documentation, Reporting & Compliance Support
  - Prepare and maintain:
    - Operational reports
    - Incident and investigation reports
    - Log validation evidence
    - Root Cause Analysis (RCA) documents
- Collaboration & Continuous Improvement
  - Work closely with SOC, Infrastructure, Network, and Application teams.
  - Contribute to process improvements and operational readiness.
Experience Requirements
- Total IT experience: Minimum 15 years overall professional IT experience.
- Cyber Security experience: Minimum 7 years of hands-on experience in Cyber Security / Security Operations. Transition from Network Security would be highly desirable.
- Demonstrated experience working in enterprise-scale or government environments with complex security ecosystems.
- Strong exposure to operational security functions, including incident response, monitoring, policy enforcement, and control management.
- Experience and working knowledge of UAE Cyber Security frameworks, standards, and regulatory requirements is highly desirable.
Certifications
- Must have (Network Security & Platform Security): Cisco CCNA Security / CCNP Security / F5 WAF Certified Technology Specialist / CompTIA Security+
- Good to have: CISSP / NIST Cybersecurity Framework.