Cyber Security Specialist - OSN Dubai
Indexed description
This role is intended for an experienced cybersecurity professional who can independently investigate complex security incidents, engineer security controls, secure cloud environments, and solve advanced technical security challenges with minimal supervision while partnering closely with infrastructure, cloud, engineering, and business teams.
Key Responsibilities
- Security Operations & Incident Response
Act as the primary escalation point within the SOC for Tier 2/3 security incidents and complex investigations.
Develop and maintain incident response playbooks, runbooks, and communication frameworks aligned with NIST CSF and ISO 27035.
Conduct forensic investigations across endpoints, servers, cloud workloads, and network infrastructure, producing technical and executive incident reports.
Coordinate with external MSSPs, threat intelligence providers, and UAE regulatory bodies during significant security incidents.
- Threat Detection, Hunting & Analytics
Conduct proactive threat hunting using MITRE ATT&CK and threat intelligence to identify hidden adversary activity.
Analyse threat intelligence feeds and translate findings into actionable detection use cases and security improvements.
Monitor OSN's attack surface and investigate Indicators of Compromise (IoCs) and Indicators of Attack (IoAs).
Produce regular threat intelligence and threat landscape reports for security leadership.
- Security Technology Administration
Microsoft Defender XDR
DLP, PAM, WAF, Vulnerability Management platforms
Develop detection content, dashboards, and automation to improve operational efficiency.
Ensure security technologies remain aligned with evolving threat landscapes and business requirements.
- Cloud & Infrastructure Security
Lead Cloud Security Posture Management (CSPM) initiatives across IaaS, PaaS, and SaaS environments.
Implement Zero Trust security controls and identity-centric security architectures.
Review Infrastructure as Code (Terraform, ARM) for security compliance before deployment.
Partner with DevOps teams to embed security controls into CI/CD pipelines.
- Vulnerability Management & Penetration Testing
Perform internal penetration testing and security assessments across infrastructure, cloud environments, web applications, APIs, and internal networks.
Coordinate external penetration testing engagements and validate remediation activities.
Maintain the enterprise cyber risk register for identified vulnerabilities.
- Application & API Security
Perform SAST, DAST, and manual application security assessments.
Define API security standards and monitor for API abuse and authentication weaknesses.
Provide secure coding guidance and security training to development teams.
- OTT, Broadcast & Content Security
Administer DRM technologies including Widevine, PlayReady, and FairPlay.
Manage anti-piracy monitoring and collaborate with content owners on takedown activities.
Assess cyber risks across broadcast infrastructure, contribution networks, and satellite environments.
Monitor emerging threats targeting the media and entertainment sector.
- Compliance, Risk & Governance
Conduct internal security audits, risk assessments, and control reviews.
Maintain and update cybersecurity policies, standards, and procedures.
Support external audits and regulatory assessments.
Contribute to the enterprise cyber risk register and report material risks to the Head of Cyber Security.
Technical Skills & Competencies
Security Operations & Tooling
- Advanced expertise with Microsoft Sentinel (preferred) and/or Splunk, including KQL/SPL query development, detection engineering, dashboards, and automation.
- Hands-on experience with Microsoft Defender XDR, CrowdStrike, SentinelOne, or equivalent EDR/XDR platforms.
- Experience administering DLP, PAM (CyberArk, BeyondTrust), WAF (AWS WAF, Azure Front Door, Cloudflare, F5), email security gateways, and enterprise security technologies.
- Strong experience with vulnerability management platforms including Tenable, Qualys, or Rapid7.
- Strong hands-on experience securing both AWS and Microsoft Azure cloud environments is mandatory.
- Deep understanding of AWS security services including IAM, GuardDuty, Security Hub, CloudTrail, Config, Inspector, KMS, AWS WAF, VPC security, and logging.
- Strong expertise with Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Entra ID, Azure Firewall, Key Vault, and Azure networking.
- Experience implementing Zero Trust architectures, identity security, CSPM, workload protection, and cloud governance.
- Experience securing Infrastructure as Code, CI/CD pipelines, Docker, Kubernetes, and serverless workloads.
- Strong networking knowledge including TCP/IP, DNS, HTTP/S, TLS, VPNs, BGP, firewalls, IDS/IPS, and load balancing.
- Strong understanding of OWASP Top 10, OWASP ASVS, Secure SDLC, API security, and common web application vulnerabilities.
- Experience with SAST, DAST, and software composition analysis tools such as Checkmarx, Veracode, Burp Suite Pro, or equivalent.
- Proficiency in Python, PowerShell, or Bash for automation, scripting, and security integrations.
- Strong working knowledge of MITRE ATT&CK, NIST CSF, ISO 27001/27002, CIS Controls v8, and Zero Trust principles.
- Familiarity with UAE PDPL, NESA, SOC 2, GDPR, and other relevant regulatory frameworks.
Proven experience operating as an independent Individual Contributor (IC) capable of solving complex technical cybersecurity challenges with minimal supervision.
Demonstrated expertise administering and tuning enterprise SIEM platforms within medium-to-large enterprise environments (500+ employees or equivalent).
Proven experience leading security incidents from detection through recovery, including root cause analysis and post-incident reporting.
Strong hands-on experience securing both AWS and Microsoft Azure cloud environments is required. Candidates with experience in only one cloud platform will not be considered.
Experience implementing cloud security controls, CSPM, IAM, threat detection, and monitoring across hybrid cloud environments.
Practical experience conducting penetration testing, vulnerability assessments, threat hunting, or red team activities.
Experience working within regulated environments governed by frameworks such as ISO 27001, SOC 2, UAE PDPL, NESA, GDPR, or equivalent.
Qualifications
- Bachelor's degree in Computer Science, Cyber Security, Information Security, Electrical Engineering, or a related technical discipline.
- Equivalent combinations of education, industry certifications, and relevant professional experience will be considered.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search