
Anghami

Cyber Security Specialist - OSN Dubai


Job Description

ROLE PURPOSE

The Cyber Security Specialist is a critical technical role responsible for protecting OSN's digital assets, content delivery infrastructure, and enterprise systems against cyber threats. Operating across cloud and on-premises environments, the role combines proactive security engineering with real-time threat detection, incident response, and regulatory compliance — ensuring OSN maintains resilient, secure operations across all business units.

Key Responsibilities

Security Operations & Incident Response

  • Lead end-to-end security incident management: detection, triage, containment, eradication, recovery, and post-incident review.
  • Operate as the primary escalation point within the SOC for Tier 2/3 security incidents and complex investigations.
  • Develop and maintain incident response playbooks, runbooks, and communication frameworks aligned with NIST CSF and ISO 27035.
  • Conduct forensic analysis of compromised systems, endpoints, and network activity; produce formal incident reports for technical and executive audiences.
  • Coordinate with external MSSPs, threat intelligence vendors, and UAE regulatory bodies (e.g., UAE CIRT) during significant incidents.

Threat Detection, Hunting & Analytics

  • Design and implement advanced detection rules, correlation logic, and SIEM use cases to identify sophisticated threats and anomalous behaviour.
  • Conduct structured threat-hunting exercises using frameworks such as MITRE ATT&CK to proactively surface hidden adversary activity.
  • Analyse threat intelligence feeds and translate findings into actionable detection improvements and security control enhancements.
  • Monitor OSN's attack surface continuously; track indicators of compromise (IoCs) and indicators of attack (IoAs) across all environments.
  • Produce weekly threat landscape briefings for the security leadership team.

Security Technology Administration

  • Administer, tune, and optimise the security technology stack, including:
      • SIEM (Microsoft Sentinel / Splunk) — rule authoring, dashboard development, log source onboarding
      • DLP — policy configuration, alert triage, data classification framework integration
      • WAF — ruleset management, bot mitigation, DDoS response coordination
      • PAM — onboarding, policy governance, session recording review
      • Vulnerability Management (Tenable / Qualys) — scan configuration, risk-based prioritisation
  • Drive continuous improvement programmes across all security technologies, ensuring tools are fully utilised and aligned to current threat models.

Cloud & Infrastructure Security

  • Define and enforce security baselines, policies, and guardrails for Azure, AWS, and Microsoft 365 environments using native and third-party tooling.
  • Lead cloud security posture management (CSPM) activities; identify and remediate misconfigurations and compliance gaps across IaaS, PaaS, and SaaS layers.
  • Architect and implement zero-trust network access (ZTNA) controls and identity-centric security models for cloud workloads.
  • Review and approve infrastructure-as-code (IaC) templates (Terraform, ARM) for security compliance before deployment.
  • Partner with DevOps and platform engineering teams to embed security into CI/CD pipelines (shift-left security / DevSecOps).

Vulnerability Management & Penetration Testing

  • Own the end-to-end vulnerability management lifecycle: discovery, risk scoring (CVSS), prioritisation, remediation tracking, and reporting.
  • Conduct internal penetration tests and red team exercises against web applications, APIs, cloud environments, and internal network segments.
  • Manage relationships with external penetration testing vendors; review findings, validate remediations, and track exceptions.
  • Maintain a formal risk register for open vulnerabilities and present quarterly status updates to IT leadership.

Application & API Security

  • Champion application security best practices aligned with OWASP Top 10, SANS CWE Top 25, and OSN's secure development lifecycle (SDL).
  • Perform manual and automated security code reviews and DAST/SAST assessments for web applications, mobile apps, and internal platforms.
  • Define and enforce API security standards; monitor for API abuse, injection attacks, and authentication weaknesses.
  • Provide developer security training and guidance; act as a trusted security advisor embedded within product engineering squads.

OTT, Broadcast & Content Security

  • Protect OSN's OTT platforms, streaming services, and content delivery networks (CDN) against piracy, credential stuffing, account takeover, and content leakage.
  • Implement and manage Digital Rights Management (DRM) technologies (Widevine, PlayReady, FairPlay) and ensure licence server integrity.
  • Deploy and operate anti-piracy monitoring solutions across distribution channels; liaise with content owners on take-down procedures.
  • Assess and address the unique cyber risks of broadcast infrastructure, including satellite uplink systems and contribution networks.
  • Stay current with emerging threats targeting the media and entertainment sector, including stream ripping, key extraction, and credential sharing.

Compliance, Risk & Governance

  • Ensure ongoing compliance with applicable regulations and frameworks, including UAE Personal Data Protection Law (PDPL), NESA, ISO 27001, and SOC 2.
  • Conduct regular internal security audits, control assessments, and gap analyses; develop remediation roadmaps.
  • Maintain, review, and update cyber security policies, standards, and procedures on an annual basis or following material incidents.
  • Support external audits and regulatory inspections; act as a technical liaison for auditors and assessors.
  • Contribute to the security risk register and report material risks to the Head of Cyber Security on a monthly cadence.

Qualifications

Education

  • Bachelor's degree (or higher) in Computer Science, Information Security, Electrical Engineering, or a closely related technical discipline.
  • Equivalent combination of professional certifications and demonstrated experience will be considered.

Professional Certifications (Required — At Least One)

  • CISSP — Certified Information Systems Security Professional
  • CISM — Certified Information Security Manager
  • CISA — Certified Information Systems Auditor
  • GCIH — GIAC Certified Incident Handler

Professional Certifications (Preferred — Additional Value)

  • Microsoft Certified: Security Operations Analyst Associate (SC-200) or Azure Security Engineer Associate (AZ-500)
  • AWS Certified Security – Specialty
  • CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional)
  • GCFE / GCFA (GIAC Forensic Examiner / Analyst)
  • CompTIA Cloud+, Security+, or CySA+

Experience

  • Minimum 3–5 years of progressive experience in cyber security operations, engineering, or consulting roles.
  • Demonstrable hands-on experience operating and tuning a SIEM in a medium-to-large enterprise environment (500+ employees or equivalent asset volume).
  • Proven track record managing security incidents end-to-end, including formal post-incident reporting and process improvement.
  • Solid experience securing cloud environments — Azure and/or AWS — including native security services (Microsoft Defender for Cloud, AWS Security Hub, GuardDuty).
  • Practical experience in penetration testing or red team activities (internal or external scope).
  • Experience working within a regulated environment subject to data protection law (UAE, GDPR, or equivalent) is advantageous.

Technical Skills & Competencies

Security Operations & Tooling

  • Advanced proficiency in SIEM platforms (Microsoft Sentinel preferred; Splunk advantageous) — KQL / SPL query authoring, alert engineering, dashboarding.
  • Hands-on expertise with endpoint detection and response (EDR/XDR) tools — Microsoft Defender XDR, CrowdStrike, or SentinelOne.
  • Working knowledge of DLP, PAM (CyberArk, BeyondTrust), WAF (Azure Front Door, Cloudflare, F5), and email security gateways.
  • Experience with vulnerability scanning and management platforms (Tenable Nessus, Qualys, Rapid7).

Cloud & Infrastructure

  • Deep understanding of cloud security architecture principles: identity and access management, network segmentation, encryption, and monitoring.
  • Proficiency with Azure Security Centre / Defender for Cloud, AWS Security Hub, and Microsoft 365 Defender.
  • Familiarity with container security (Docker, Kubernetes) and serverless security patterns.
  • Understanding of network fundamentals: TCP/IP, DNS, HTTP/S, TLS, BGP, and firewall / IDS-IPS technologies.

Application & DevSecOps

  • Solid understanding of OWASP Top 10, secure SDLC, and common vulnerability classes (SQLi, XSS, SSRF, authentication flaws).
  • Experience with SAST/DAST tools (e.g., Checkmarx, Veracode, Burp Suite Pro) and integrating security scanning into CI/CD pipelines.
  • Scripting ability in Python, PowerShell, or Bash for automation of security tasks, log analysis, and tool integration.

Frameworks & Standards

  • Practical working knowledge of NIST CSF, ISO 27001/27002, CIS Controls v8, MITRE ATT&CK, and OWASP.
  • Awareness of UAE NESA, UAE PDPL, and relevant MENA regulatory requirements.

Job ID: 147172067