Group Specialist Security Operations

DP World

United Arab Emirates

On-site

AED 120,000 - 200,000

Full time

3 days ago

Job summary

A leading company in logistics and supply chain is seeking an experienced IT Security professional to lead their Security Operations Centre initiatives. The role involves developing automation solutions, analyzing security events, and collaborating with IT teams to enhance security practices. Candidates should possess a Bachelor's degree in Computer Science and extensive experience in cybersecurity, particularly in log data analysis and SOC operations.

Qualifications

  • 8-10 years of experience in IT Security, with at least 6 years in log data analysis.
  • Deep technical knowledge across Cyber Security domains.
  • Industry certifications such as CISSP, GIAC, Fortinet NSE, or a Microsoft Azure certification.

Responsibilities

  • Lead development and optimization of Security Operations Centres (SOC).
  • Design and execute custom automation scripts for security workflows.
  • Investigate and report on security events and incidents.

Skills

Cyber Security
Log Data Analysis
Scripting
Analytical Skills
Communication

Education

Bachelor’s Degree in Computer Science

Tools

SIEM
SOAR
Python
PowerShell
Jinja

Job description

Keywords: Python, PowerShell, Jinja, Cyber Kill Chain, pervasive threats and attacks

Preferred Jobseekers

Jobseekers from any GCC country

Job Responsibilities:

  1. Lead the development, deployment, and optimization of Security Operations Centres (SOC), including SOAR implementation projects.
  2. Design and execute custom automation scripts and playbooks to streamline security workflows (detection, containment, response).
  3. Reduce mean time to detect (MTTD) and mean time to respond (MTTR), improve recovery times, and automate security event handling in multi-tenant environments.
  4. Collaborate with cross-functional teams to integrate SOAR with existing security tools and processes.
  5. Develop and maintain SOC documentation, SOPs, SLAs, and reporting templates.
  6. Investigate, analyze, coordinate, and report on security events, incidents, and intrusions.
  7. Analyze and integrate threat intelligence data in SIEM and SOAR to enhance detection and response.
  8. Leverage threat intelligence to build and tune use cases for security monitoring and develop security hunting tasks.
  9. Stay current with emerging threats and vulnerabilities, incorporating relevant intelligence into security practices.
  10. Create and maintain documentation for SIEM and SOAR configurations, procedures, and playbooks.
  11. Generate reports on security incidents, trends, and metrics for management.
  12. Provide training and guidance on SIEM and SOAR best practices.
  13. Document incidents, investigations, and analysis activities thoroughly.
  14. Work with IT teams to troubleshoot and resolve security issues and configure log forwarding.
  15. Assist in project activities, creating/reviewing use cases, and coordinating with vendors.
  16. Study vulnerabilities, identify threats, and recommend corrective actions.
  17. Conduct SOC Maturity Model assessments.
  18. Stay updated on tools, techniques, and vulnerabilities.
  19. Promote positive behaviors aligned with DP World's principles and ensure safety.
  20. Perform other related duties as assigned.
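Responsibilities 2, 3, 7 and 8 above (automation playbooks, MTTD/MTTR, threat-intel integration, and tuning monitoring use cases) are concrete enough to show in code. The following is an added Python example for this posting, not DP World's code or tooling: it checks constructed firewall and DNS-resolver log lines against a constructed indicator feed, correlates the hits per internal asset with a threshold so a single stale-IOC lookup does not become an alert, and computes MTTD/MTTR over a constructed incident timeline. The field names (src, dst, qname, client), indicator values and campaign tags are assumptions; the Jinja report-rendering step the posting mentions is not included.

```python
# SOC automation sketch: match threat-intel indicators against forwarded log lines,
# correlate hits per asset into a tuned alert, and compute MTTD/MTTR.
# Added illustration, not DP World code. All indicators, log lines and incident
# timestamps are constructed (RFC 5737 documentation IPs, reserved .invalid TLD).
import re
from dataclasses import dataclass
from datetime import datetime
from statistics import mean

# Constructed threat-intel feed: indicator -> (indicator type, campaign tag).
THREAT_INTEL = {
    "198.51.100.23": ("ipv4", "TA-constructed-1"),
    "203.0.113.77": ("ipv4", "TA-constructed-1"),
    "malicious.invalid": ("domain", "TA-constructed-2"),
}

# Constructed firewall and DNS-resolver lines in a syslog-like key=value layout.
SAMPLE_LOGS = [
    "2024-05-01T08:00:01Z fw01 ALLOW src=10.0.5.12 dst=198.51.100.23 dport=443 proto=tcp",
    "2024-05-01T08:00:02Z fw01 ALLOW src=10.0.5.13 dst=142.250.74.14 dport=443 proto=tcp",
    "2024-05-01T08:00:05Z dns01 query client=10.0.5.12 qname=malicious.invalid qtype=A",
    "2024-05-01T08:00:09Z dns01 query client=10.0.5.20 qname=example.com qtype=A",
    "2024-05-01T08:01:00Z fw01 DENY src=10.0.5.12 dst=203.0.113.77 dport=8443 proto=tcp",
]

KV_RE = re.compile(r"(\w+)=(\S+)")
IOC_FIELDS = ("src", "dst", "qname")  # fields whose values are checked against the feed


def parse_line(line: str) -> dict:
    """Split '<timestamp> <host> <text with key=value pairs>' into a dict."""
    ts, host, rest = line.split(" ", 2)
    event = dict(KV_RE.findall(rest))
    event["_ts"] = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    event["_host"] = host
    return event


def match_iocs(lines):
    """Return one hit per (line, field) whose value is a known indicator."""
    hits = []
    for line in lines:
        ev = parse_line(line)
        for field in IOC_FIELDS:
            value = ev.get(field)
            if value in THREAT_INTEL:
                ioc_type, tag = THREAT_INTEL[value]
                hits.append({
                    "ts": ev["_ts"], "host": ev["_host"], "field": field,
                    "indicator": value, "type": ioc_type, "tag": tag,
                    # the internal asset involved: DNS client or firewall source
                    "asset": ev.get("client") or ev.get("src"),
                })
    return hits


def correlate_by_asset(hits, threshold=2):
    """Tune the use case: alert on an asset only once it touches >= threshold
    indicators, so one lookup of a stale IOC does not page the on-call analyst."""
    by_asset = {}
    for h in hits:
        by_asset.setdefault(h["asset"], []).append(h)
    alerts = []
    for asset, asset_hits in sorted(by_asset.items()):
        if len(asset_hits) < threshold:
            continue
        alerts.append({
            "asset": asset,
            "hits": len(asset_hits),
            "tags": sorted({h["tag"] for h in asset_hits}),
            "first_seen": min(h["ts"] for h in asset_hits),
            "last_seen": max(h["ts"] for h in asset_hits),
        })
    return alerts


@dataclass
class Incident:
    name: str
    first_event: datetime  # earliest malicious activity visible in the logs
    detected: datetime     # when the SOC raised the alert
    contained: datetime    # when containment/response completed


def soc_metrics(incidents):
    """MTTD = mean(detected - first_event); MTTR = mean(contained - detected); in minutes."""
    mttd = mean((i.detected - i.first_event).total_seconds() for i in incidents)
    mttr = mean((i.contained - i.detected).total_seconds() for i in incidents)
    return {"mttd_minutes": mttd / 60, "mttr_minutes": mttr / 60}


def _utc(s: str) -> datetime:
    return datetime.fromisoformat(s + "+00:00")


# Constructed incident timeline for the metrics example.
INCIDENTS = [
    Incident("INC-1", _utc("2024-05-01T08:00:01"), _utc("2024-05-01T08:05:01"), _utc("2024-05-01T08:35:01")),
    Incident("INC-2", _utc("2024-05-01T09:00:00"), _utc("2024-05-01T09:15:00"), _utc("2024-05-01T09:45:00")),
]

if __name__ == "__main__":
    for alert in correlate_by_asset(match_iocs(SAMPLE_LOGS)):
        print(alert)
    print(soc_metrics(INCIDENTS))
```

Run stand-alone, the script reports one correlated alert for 10.0.5.12 (three indicator hits across two campaign tags, a case the raw per-line matches alone would have produced as three separate events) and an MTTD of 10 minutes and MTTR of 30 minutes for the two constructed incidents. In a real SOAR playbook the feed would come from the SIEM's threat-intel connector and the threshold would be tuned per log source; the structure of the logic is the same.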

Qualifications, Experience, and Skills:

  1. Bachelor’s Degree in Computer Science or equivalent.
  2. 8-10 years of experience in IT Security, with at least 6 years in log data analysis supporting intrusion or security operations.
  3. Deep technical knowledge across Cyber Security domains.
  4. Knowledge of current cyber threats, attack lifecycle, TTPs, and the Cyber Kill Chain.
  5. Hands-on experience with SIEM and SOAR solutions.
  6. Understanding of security frameworks and compliance regulations.
  7. Proficiency in scripting with Python and PowerShell, and in templating with Jinja.
  8. Excellent analytical and communication skills.
  9. Industry certifications such as CISSP, GIAC, Fortinet NSE, or a Microsoft Azure certification.
  10. Understanding of e-commerce, logistics, supply chain, and port operations is a plus.
  11. Knowledge of the MITRE ATT&CK framework and common attack vectors.
  12. Experience in multi-tenant environments preferred.
