Cybersecurity Engineer

Job Title: Cyber Security Specialist (Junior 3-5 years) Med Senior (5-8 years) Senior (More than 8 years)

Location: (on site)

Job Type: [Full-Time]

Department: IT Department

Job Summary:

We are seeking a skilled Cybersecurity Analyst with strong experience in threat detection, security monitoring, and compliance enforcement across hybrid IT environments. The ideal candidate will be responsible for analyzing security events, conducting risk assessments, ensuring regulatory compliance (e.g., ISO 27001, NIST, GDPR), and supporting incident response operations. This role plays a critical part in protecting organizational assets, infrastructure, and sensitive data.

Key Responsibilities:

Security Monitoring & Incident Response

• Monitor and triage alerts from SIEM platforms (e.g., Wazuh, Splunk, Azure Sentinel, ELK)
• Analyze logs, events, and threats across endpoints, networks, and cloud systems
• Participate in incident response, root cause analysis, and recovery
• Investigate phishing, malware, and suspicious behavior incidents
• Collaborate with IT teams to enforce security controls and reduce attack surfaces

Governance, Risk & Compliance

• Maintain and enforce security policies, procedures, and documentation
• Assist in internal audits, control testing, and compliance assessments (ISO 27001, NIST, HIPAA, GDPR)
• Maintain and update the organization’s risk register
• Support user training and organization-wide security awareness
• Contribute to disaster recovery and business continuity planning from a security perspective

Vulnerability & Threat Management

• Perform and analyze vulnerability scans using tools such as Nessus, Qualys, or similar platforms (hands-on experience required, even if not currently in use)
• Contribute to the development or implementation of vulnerability detection solutions
• Track remediation of security gaps and report on posture trends
• Maintain awareness of threat intelligence feeds, zero-day exploits, and CVEs
• Document Indicators of Compromise (IOCs) and support internal threat intelligence initiatives

Tooling & Automation

• Tune SIEM/SOAR rules and dashboards for improved detection accuracy
• Contribute to automation workflows (e.g., alert enrichment, threat classification)
• Integrate compliance/security checks into CI/CD pipelines or infrastructure as code (if applicable)

Required Skills & Qualifications:

• Bachelor's degree in computer science, Information Security, or a related field
• 3–8+ years of experience in cybersecurity operations, compliance, or SOC (depending on level)
• Strong hands-on experience with SIEM tools (e.g., Wazuh, Splunk, Sentinel, QRadar, ELK)
• Deep familiarity with compliance standards (ISO 27001, NIST, CIS, GDPR, HIPAA)
• Prior use or development experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS, etc.)
• Understanding of Windows, Linux, and Cloud environments (Azure AD preferred)
• Excellent analytical, documentation, and communication skills

Preferred Certifications:

• CompTIA Security+, CySA+
• ISO 27001 Lead Implementer / Auditor
• SC-200: Microsoft Security Operations Analyst
• CISA, CISM, or equivalent GRC-related credentials

Job Type: Full-time

Pay: E£20,000.00 - E£60,000.00 per month

Application Question(s):

• Do you Have Experience with ISO 27001, NIST, CIS, HIPAA, GDPR, UAE/NESA standards (if applicable)
• Have you authored or revised security policies in your past role? Give an example.”
• Walk me through a compliance audit you participated in. What findings did you help resolve?”
• “What’s your process for investigating high-severity alerts?”
• How do you correlate IoCs with endpoint or network logs?”
• “Describe a security incident you handled and how you documented it.”
• “How do you perform and prioritize vulnerability remediation?”
• Do you have a notice period or can you join us immediately ?
• what is your current salary ?and expected salary?

Expected Start Date: 28/11/2025