Senior Security Analyst (based in UAE) - United Arab Emirates, Dubai
Softec is a globally recognized, award-winning technology company specialized in artificial intelligence and visibility solutions for transportation, mobility, logistics and command & control, with offices in Amsterdam, Abu Dhabi, Dubai and Cairo. We help more than 5.000 organizations achieve more with our cloud platforms and on-premise deployments. We received numerous awards for our contribution to significant nationwide digital transformation projects in logistics, public safety & national security and motor insurance.

We are seeking a talented Senior Security Analyst to join our team in UAE.

The Senior Security Analyst is responsible for enterprise cybersecurity. This includes everything from threat prevention to security infrastructure design to incident detection and response. In this role, you must fulfill a number of responsibilities to effectively manage security incidents.

Your duties will include:

1 - Security monitoring and incident response:
- Continuously monitor security alerts and events from various sources, such as intrusion detection systems (IDS), security information and event management (SIEM) tools, and log analysis.
- Investigate and respond to security incidents, including identifying the root cause, containing the incident, and performing forensics analysis when necessary.
- Develop and maintain incident response plans and procedures.

2 - Threat intelligence and analysis:
- Stay updated on current cybersecurity threats and vulnerabilities by monitoring threat intelligence sources.
- Analyze threat data to identify potential risks and vulnerabilities that could impact the organization.
- Develop and maintain threat intelligence reports and briefings for management.

3 - Vulnerability management:
- Conduct vulnerability assessments and scans to identify security weaknesses in systems, applications, and networks.
- Prioritize and track remediation efforts to address identified vulnerabilities.
- Coordinate with system administrators and IT teams to ensure timely patching and updates.

4 - Security policy and compliance:
- Assist in the development and enforcement of security policies, standards, and procedures.
- Conduct security audits and assessments to ensure compliance with industry standards and regulations (e.g., ISO 27001, GDPR, HIPAA).
- Provide guidance on security best practices to ensure compliance.

5 - Security awareness and training:
- Develop and deliver security awareness and training programs for employees to promote a security-conscious culture.
- Communicate security policies and guidelines to all staff members.

6 - Security tools management:
- Manage and maintain security tools and technologies, such as firewalls, antivirus software, intrusion detection/prevention systems (IDS/IPS), and encryption solutions.
- Evaluate and recommend the adoption of new security tools as needed.

7 - Incident documentation and reporting:
- Document security incidents, investigations, and findings in detailed reports.
- Create incident reports for management and regulatory reporting, when necessary.

8 - Security risk assessment:
- Conduct risk assessments to identify potential security risks and vulnerabilities.
- Provide risk assessment reports and recommendations for risk mitigation.

9 - Security architecture review:
- Participate in security architecture reviews to ensure that new systems and applications are designed with security in mind.

10 - Collaboration and communication:
- Collaborate with other IT teams, including network administrators, system administrators, and developers, to implement security measures.
- Communicate security risks and recommendations to senior management.

11 - Emerging threat research:
- Stay up-to-date with emerging threats and security technologies.
- Research and test new security tools and methodologies.

12 - Documentation and reporting:
- Maintain detailed records of security incidents, investigations, and security policies.
- Prepare and present reports to management on security vulnerabilities, incidents, and risk assessments.

13 - Security awareness programs:
- Develop and deliver security awareness programs to educate employees about security threats and best practices.

Skills

The ideal candidates will have:
- In-depth knowledge of cybersecurity principles, best practices, and frameworks (e.g. ISO 27001).
- Experience with security incident response, including identifying, analysing, and mitigating security incidents and breaches.
- Understanding of security technologies, such as firewalls, IDS/IPS, Azure Sentinel (security information and event management), Defender for Endpoint, and Azure Defender for Cloud.
- Proficiency in Azure log analysis, threat hunting, and vulnerability management.
- Knowledge of security assessments and audits, including penetration testing, vulnerability scanning, and compliance assessments.
- Familiarity with cloud security concepts and practices specific to Azure, including Azure Security Centre, Azure Sentinel, and Azure AD security.
- Understanding of regulatory compliance requirements, such as GDPR, HIPAA, or PCI-DSS, and their implications for security operations.
- Complete understanding of Azure identity and access management, threat protection, Azure cloud security, Azure Information Protection, Azure discover and respond, and Azure information governance.
- Strong analytical and critical-thinking skills, with the ability to identify and respond to emerging security threats and trends.