{bc}
linkedin

Cyber Security Specialist - OSN Dubai

Anghami
Dubai, UAE
Full Time
Senior
2 days ago
Microsoft SentinelSplunkAWS SecurityAzure SecurityIncident ResponseThreat Hunting
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Microsoft SentinelSplunkAWS Security
Smart Apply

Full Job Posting

Role Purpose

  • The Cyber Security Specialist is a highly technical individual contributor responsible for protecting OSN's digital assets, content delivery infrastructure, cloud platforms, and enterprise systems against cyber threats.
  • Operating across AWS, Microsoft Azure, Microsoft 365, and on premises environments, the role combines proactive security engineering with real time threat detection, incident response, cloud security, vulnerability management, and DevSecOps to ensure resilient and secure operations across all busine
  • This role is intended for an experienced cybersecurity professional who can independently investigate complex security incidents, engineer security controls, secure cloud environments, and solve advanced technical security challenges with minimal supervision while partnering closely with infrastruct

Key Responsibilities

  • Lead end to end security incident management, including detection, triage, containment, eradication, recovery, and post incident reviews.
  • Act as the primary escalation point within the SOC for Tier 2/3 security incidents and complex investigations.
  • Develop and maintain incident response playbooks, runbooks, and communication frameworks aligned with NIST CSF and ISO 27035.
  • Conduct forensic investigations across endpoints, servers, cloud workloads, and network infrastructure, producing technical and executive incident reports.
  • Coordinate with external MSSPs, threat intelligence providers, and UAE regulatory bodies during significant security incidents.
  • Design, implement, and continuously improve SIEM detection rules, correlation logic, dashboards, and automation.
  • Conduct proactive threat hunting using MITRE ATT&CK and threat intelligence to identify hidden adversary activity.
  • Analyse threat intelligence feeds and translate findings into actionable detection use cases and security improvements.
  • Monitor OSN's attack surface and investigate Indicators of Compromise (IoCs) and Indicators of Attack (IoAs).
  • Produce regular threat intelligence and threat landscape reports for security leadership.
  • Administer, tune, and optimise enterprise security technologies including Microsoft Sentinel / Splunk, Microsoft Defender XDR, DLP, PAM, WAF, Vulnerability Management platforms.
  • Develop detection content, dashboards, and automation to improve operational efficiency.

Cloud & Infrastructure Security

  • Define and enforce security baselines across AWS, Microsoft Azure, and Microsoft 365.
  • Lead Cloud Security Posture Management (CSPM) initiatives across IaaS, PaaS, and SaaS environments.
  • Implement Zero Trust security controls and identity centric security architectures.
  • Review Infrastructure as Code (Terraform, ARM) for security compliance before deployment.
  • Partner with DevOps teams to embed security controls into CI/CD pipelines.

Vulnerability Management & Penetration Testing

  • Own the end to end vulnerability management lifecycle including discovery, prioritisation, remediation tracking, and reporting.
  • Perform internal penetration testing and security assessments across infrastructure, cloud environments, web applications, APIs, and internal networks.
  • Coordinate external penetration testing engagements and validate remediation activities.
  • Maintain the enterprise cyber risk register for identified vulnerabilities.

Application & API Security

  • Promote secure development practices aligned with OWASP Top 10, SANS CWE Top 25, and Secure SDLC principles.
  • Perform SAST, DAST, and manual application security assessments.
  • Define API security standards and monitor for API abuse and authentication weaknesses.
  • Provide secure coding guidance and security training to development teams.

OTT, Broadcast & Content Security

  • Protect OTT platforms, streaming services, and CDNs against piracy, credential stuffing, account takeover, and content leakage.
  • Administer DRM technologies including Widevine, PlayReady, and FairPlay.
  • Manage anti piracy monitoring and collaborate with content owners on takedown activities.
  • Assess cyber risks across broadcast infrastructure, contribution networks, and satellite environments.
  • Monitor emerging threats targeting the media and entertainment sector.

Compliance, Risk & Governance

  • Ensure compliance with UAE PDPL, NESA, ISO 27001, SOC 2, and other applicable security frameworks.
  • Conduct internal security audits, risk assessments, and control reviews.
  • Maintain and update cybersecurity policies, standards, and procedures.
  • Support external audits and regulatory assessments.
  • Contribute to the enterprise cyber risk register and report material risks to the Head of Cyber Security.

Technical Skills & Competencies

  • Advanced expertise with Microsoft Sentinel (preferred) and/or Splunk, including KQL/SPL query development, detection engineering, dashboards, and automation.
  • Hands on experience with Microsoft Defender XDR, CrowdStrike, SentinelOne, or equivalent EDR/XDR platforms.
  • Experience administering DLP, PAM (CyberArk, BeyondTrust), WAF (AWS WAF, Azure Front Door, Cloudflare, F5), email security gateways, and enterprise security technologies.
  • Strong experience with vulnerability management platforms including Tenable, Qualys, or Rapid7.
  • Strong hands on experience securing both AWS and Microsoft Azure cloud environments is mandatory.
  • Deep understanding of AWS security services including IAM, GuardDuty, Security Hub, CloudTrail, Config, Inspector, KMS, AWS WAF, VPC security, and logging.
  • Strong expertise with Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Entra ID, Azure Firewall, Key Vault, and Azure networking.
  • Experience implementing Zero Trust architectures, identity security, CSPM, workload protection, and cloud governance.
  • Experience securing Infrastructure as Code, CI/CD pipelines, Docker, Kubernetes, and serverless workloads.
  • Strong networking knowledge including TCP/IP, DNS, HTTP/S, TLS, VPNs, BGP, firewalls, IDS/IPS, and load balancing.
  • Strong understanding of OWASP Top 10, OWASP ASVS, Secure SDLC, API security, and common web application vulnerabilities.
  • Experience with SAST, DAST, and software composition analysis tools such as Checkmarx, Veracode, Burp Suite Pro, or equivalent.

Experience & Qualifications

  • 5–8 years of dedicated hands on cybersecurity experience in security operations, security engineering, incident response, or offensive security.
  • Proven experience operating as an independent Individual Contributor (IC) capable of solving complex technical cybersecurity challenges with minimal supervision.
  • Demonstrated expertise administering and tuning enterprise SIEM platforms within medium to large enterprise environments (500+ employees or equivalent).
  • Proven experience leading security incidents from detection through recovery, including root cause analysis and post incident reporting.
  • Strong hands on experience securing both AWS and Microsoft Azure cloud environments is required. Candidates with experience in only one cloud platform will not be considered.
  • Experience implementing cloud security controls, CSPM, IAM, threat detection, and monitoring across hybrid cloud environments.
  • Practical experience conducting penetration testing, vulnerability assessments, threat hunting, or red team activities.
  • Experience working within regulated environments governed by frameworks such as ISO 27001, SOC 2, UAE PDPL, NESA, GDPR, or equivalent.
  • Bachelor's degree in Computer Science, Cyber Security, Information Security, Electrical Engineering, or a related technical discipline. Equivalent combinations of education, industry certifications, and relevant professional experience will be considered.

Professional Certifications

  • Required (Minimum One): CISSP, CISM, CISA, or GCIH.
  • Preferred: Microsoft Certified: Security Operations Analyst Associate (SC 200), Microsoft Certified: Azure Security Engineer Associate (AZ 500), AWS Certified Security – Specialty, OSCP, CEH, GCFA/GCFE, CompTIA CySA+, Security+, or Cloud+.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Anghami