Enable job alerts via email!

Cybersecurity Operations Associate

VDart Software Services Pvt. Ltd.

Abu Dhabi

On-site

AED 120,000 - 160,000

Full time

Today

Be an early applicant

Job summary

A leading software solutions provider is seeking a Cybersecurity Operations Associate in Abu Dhabi to manage security incidents and enhance tool configurations. Key responsibilities include collaborating with operations teams, developing SIEM analytic rules, and administering identity protection solutions. Candidates should have experience in cybersecurity operations and familiarity with relevant tools. Competitive compensation and a dynamic working environment are offered.

Qualifications

Experience with SOC operations and incident response.
Proficiency in configuring and maintaining security tools.
Knowledge of SIEM and SOAR tools.

Responsibilities

Collaborate with SOC for incident investigations.
Develop and maintain SIEM analytic rules.
Monitor and administer privileged access solutions.

Skills

Incident response coordination

SiEM management

Identity Protection

Network security analysis

Tools

Microsoft Defender

Darktrace

Microsoft Sentinel

Job Title:

Cybersecurity Operations Associate

Location:

Abu Dhabi, UAE

Key Responsibilities

Security Operations & Incident Response

Collaborate with SOC for investigation, containment, and eradication of incidents.
Perform configuration maintenance and fine-tuning across Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365.
Manage and monitor Darktrace NDR alerts; review anomalies, provide context, and adjust models to reduce false positives.
Support investigations related to email security (Defender for O365 and Darktrace Email) including phishing, spoofing, and user-reported cases.
Coordinate with Group Technology teams to ensure timely response and resolution of security incidents.
Participate in post-incident reviews and contribute to lessons-learned documentation.

SIEM & SOAR Management

Develop, maintain, and tune Microsoft Sentinel analytic rules, hunting queries, and automation (SOAR) playbooks.
Onboard new log sources and ensure data normalization, parsing, and enrichment for accurate detections.
Coordinate with Microsoft Defender Experts and other stakeholders for SIEM use case optimization.
Support creation of dashboards and metrics reporting for incident trends and operational KPIs (MTTD, MTTR, SLA).

Identity & Privileged Access Management

Administer and monitor identity protection and privileged access solutions.
Review privileged access requests, ensure compliance with segregation of duties.
Monitor privileged session activities and ensure adherence to least-privilege principles.

Network & User Security Requests

Review firewall and network access requests from a security standpoint and validate alignment with security policies and segmentation principles.
Handle user-related security requests and investigations through the ticketing platform.
Coordinate with IT operations and infrastructure teams to ensure secure configuration of network and endpoint assets.

Continuous Improvement & Reporting

Contribute to operational metrics (MTTD, MTTR, SLA compliance, trend analysis) and monthly reporting dashboards.
Participate in vulnerability and risk review meetings to ensure timely remediation of security gaps.
Support compliance evidence gathering for internal and external audits (e.g., ISO 27001).
Collaborate with Microsoft and other partners to optimize tool configurations and workflows.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.