Role - SOC Analyst
Location: Abu Dhabi, UAE
Qualification:
Bachelor's degree in Computer Science, Information Technology, or a related field.
5+ years in SOC operations, with 3+ years of hands-on experience in Microsoft Sentinel, Defender, Azure App and CrowdStrike.
Proficiency in Python and PowerShell
Required Skills
Strong communication, presentation and collaboration skills.
Direct Customer handling experience (Onsite)
Strong knowledge of incident response workflows and investigative techniques.
Advanced KQL and Sentinel dashboarding capabilities.
Proficiency in Python and PowerShell for automation.
Hands-on experience with Falcon Insight, Overwatch, and Spotlight.
Excellent problem-solving skills and ability to communicate findings to both technical and non-technical stakeholders.
Roles & Responsibilities
We are seeking a SOC Analyst with proven expertise in Microsoft Sentinel, Defender, Azure App, Zscaler and CrowdStrike to join and strengthen our customer's security operations team. This role involves hands-on incident response, SIEM/EDR/proxy optimisation, and automation to improve detection and response efficiency. The candidate should have experience in financial services or other regulated industries and be passionate about building scalable, resilient SOC capabilities.
The candidate will be deployed onsite at the customer location and will be part of the customer's overall security operations.
Job Description
Respond to and investigate malware, insider threats, and endpoint compromises, leveraging CrowdStrike Falcon for forensic analysis and remediation.
Utilise Microsoft Sentinel for log correlation, threat detection, and dashboard development, integrating data sources such as Azure AD and Microsoft 365 Defender.
Optimise and fine-tune KQL queries for threat hunting and detection use cases.
Configure, deploy, and tune CrowdStrike Falcon policies, ensuring strong endpoint protection across enterprise assets.
Use Falcon modules such as Insight, OverWatch, and Spotlight for vulnerability management, threat hunting, and adversary detection.
Develop and maintain automation scripts (Python, PowerShell) to accelerate log parsing, enrichment, and incident remediation.
Implement Sentinel Playbooks for automated incident escalation and workflow orchestration.
Contribute to SOC modernisation initiatives, driving measurable improvements.
Collaborate with cross-functional teams and provide clear incident documentation for stakeholders.
© 2025 Qureos. All rights reserved.