SECURITY ARCHITECT
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Atos is seeking an experienced SOC Administrator / Senior SOC Analyst for an onsite role in Sharjah. The candidate will manage ArcSight SIEM operations, lead incident investigations, perform threat hunting, and advise customers on security decisions.
Key Skills for This Role
Responsibilities
- Administer and manage ArcSight ESM, Logger, Elastic Search, SmartConnectors, content packs, rules, dashboards, reports, active channels, filters, and correlation use cases
- Monitor SIEM platform health, connector status, event flow, EPS utilization, storage, parsing quality, log source availability
- Troubleshoot log ingestion issues, connector failures, parsing errors, event normalization issues, correlation rule performance problems
- Perform SIEM tuning to reduce false positives and improve detection accuracy
- Develop and maintain SIEM content including correlation rules, dashboards, reports, threat use cases, alert workflows
- Support onboarding of new log sources including network devices, servers, cloud platforms, EDR, AV, IAM, application logs
- Maintain documentation for SIEM architecture, log source inventory, use cases, SOPs, escalation matrix, operational runbooks
- Perform deep dive analysis of security alerts, suspicious activities, malware detections, endpoint events, cloud events, network anomalies
- Lead incident triage, validation, containment recommendations, root cause analysis, post incident reporting
- Review and improve SOC investigation workflows, alert handling procedures, escalation processes
- Perform threat hunting across SIEM, EDR, endpoint, cloud, firewall, proxy, DNS, identity, email security logs
- Support customer security teams during major incidents, audit queries, security improvement initiatives
Requirements
- 5–8+ years of cybersecurity experience with strong SOC operations and SIEM administration
- Hands on experience with ArcSight ESM, Logger, SmartConnectors, correlation rules, dashboards, reports
- Prior experience in combined SOC Admin + SOC L3 Analyst role
- Strong understanding of SOC processes, alert triage, incident response, escalation handling, threat hunting
- Knowledge of security event analysis across firewall, proxy, endpoint, server, identity, cloud, email, DNS, application logs
- Experience with EDR, antivirus, Linux, Windows logs, Azure, AWS security, SIEM engineering, security automation
- Ability to create and tune SIEM rules, dashboards, reports, and monitoring use cases
- Strong understanding of MITRE ATT&CK, cyber kill chain, common attack techniques
- Good documentation and reporting skills
- Strong troubleshooting ability for SIEM, connectors, log ingestion, parsing, platform health issues
- Ability to work independently at customer site with minimal supervision
Full Job Posting
About Atos Group
- Atos Group is a global leader in digital transformation with c. 56,000 employees and annual revenue of c. €7.2 billion.
- European number one in cybersecurity and a leader in cloud, Atos Group is committed to a secure and decarbonized future.
Role Summary
- We are looking for an experienced SOC Administrator / Senior SOC Analyst with strong hands on experience in ArcSight SIEM administration, SOC operations, incident investigation, SIEM engineering, threat hunting, and security solutioning.
- The candidate will be deployed onsite at a customer location and will act as a senior technical security resource.
Key Responsibilities SOC Administration & SIEM Management
- Administer and manage ArcSight ESM, ArcSight Logger, Elastic Search, SmartConnectors, content packs, rules, dashboards, reports, active channels, filters, and correlation use cases.
- Monitor SIEM platform health, connector status, event flow, EPS utilization, storage, parsing quality, and log source availability.
- Troubleshoot log ingestion issues, connector failures, parsing errors, event normalization issues, and correlation rule performance problems.
- Perform SIEM tuning to reduce false positives and improve detection accuracy.
- Develop and maintain SIEM content including correlation rules, dashboards, reports, threat use cases, and alert workflows.
- Support onboarding of new log sources including network devices, servers, cloud platforms, EDR, AV, IAM, and application logs.
- Maintain documentation for SIEM architecture, log source inventory, use cases, SOPs, escalation matrix, and operational runbooks.
Key Responsibilities SOC L3 Operations & Incident Response
- Perform deep dive analysis of security alerts, suspicious activities, malware detections, endpoint events, cloud events, and network anomalies.
- Lead incident triage, validation, containment recommendations, root cause analysis, and post incident reporting.
- Review and improve SOC investigation workflows, alert handling procedures, and escalation processes.
- Perform threat hunting across SIEM, EDR, endpoint, cloud, firewall, proxy, DNS, identity, and email security logs.
- Support customer security teams during major incidents, audit queries, and security improvement initiatives.
Key Responsibilities SIEM Engineering & Detection Engineering
- Design, develop, and enhance security monitoring use cases aligned with MITRE ATT&CK, current threat trends, and customer risk priorities.
- Translate business and technical risks into actionable SIEM detection logic.
- Create and tune detection rules for endpoint threats, privilege abuse, lateral movement, brute force, suspicious cloud activity, data exfiltration, malware, ransomware, and insider threats.
- Validate rule logic, reduce noisy alerts, and improve SOC investigation quality.
- Support integration of SIEM with ticketing tools, SOAR platforms, automation scripts, threat intelligence feeds, and customer security tools.
Key Responsibilities Security Technology Support
- Work with and support technologies such as EDR/XDR platforms, Antivirus/endpoint protection, Linux/Windows security logging, Azure security services, AWS security services, CloudTrail, Azure AD/Entra ID, Defender, firewall, proxy, DNS, IAM, VPN, server logs, threat intelligence, threat hunting platf
- Assist in security solutioning, tool integration, and operational improvement discussions with the customer.
- Identify gaps in monitoring, visibility, detection coverage, and response processes.
Key Responsibilities Customer Facing Responsibilities
- Work onsite with the customer’s security and IT teams on daily SOC operations.
- Provide clear technical guidance and help the customer make informed security decisions.
- Prepare daily, weekly, and monthly SOC reports, incident summaries, health checks, and improvement recommendations.
- Communicate professionally with customer stakeholders, SOC teams, and management.
- Take ownership of issues and follow through until resolution.
- Maintain a calm, confident, soft spoken, and collaborative working style.
Required Skills & Experience
- 5–8+ years of cybersecurity experience, with strong exposure to SOC operations and SIEM administration.
- Hands on experience with SIEM, preferably ArcSight ESM, Logger, SmartConnectors, correlation rules, dashboards, reports, and connector management.
- Prior experience working in a combined SOC Admin + SOC L3 Analyst role.
- Strong understanding of SOC processes, alert triage, incident response, escalation handling, and threat hunting.
- Good knowledge of security event analysis across firewall, proxy, endpoint, server, identity, cloud, email, DNS, and application logs.
- Experience with EDR, antivirus, Linux, Windows logs, Azure, AWS security, SIEM engineering, and security automation.
- Ability to create and tune SIEM rules, dashboards, reports, and monitoring use cases.
- Strong understanding of MITRE ATT&CK, cyber kill chain, common attack techniques, malware behavior, phishing, brute force, privilege escalation, and lateral movement.
- Good documentation and reporting skills.
- Strong troubleshooting ability for SIEM, connectors, log ingestion, parsing, and platform health issues.
- Ability to work independently at customer site with minimal supervision.
Preferred Certifications
- ArcSight / SIEM specific certification
- Microsoft Azure Security certification (AZ 500 or equivalent)
- AWS Security Specialty or equivalent
- CEH or equivalent
- CompTIA Security+, CySA+, GCIA, GCIH, GCFA, SC 200, SC 100, CISSP, CISM, or equivalent
Preferred Candidate Profile
- Currently based in the UAE or immediately available to relocate.
- Comfortable working full time onsite at customer premises.
- Technically hands on and operationally mature.
- Confident in dealing with customer stakeholders.
- Soft spoken, professional, and composed during pressure situations.
- Proactive and willing to take initiative beyond routine monitoring.
- Capable of guiding customer teams in decision making with practical security recommendations.
- Strong in both technical execution and customer communication.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Atos
Presales Solution Architect
Riyadh, KSA
Atos seeks a Presales Solution Architect to lead strategic visioning, enterprise architecture, and solution design for Data & AI initiatives. Requires 15+ years IT experience, 5+ years in senior Data/AI/Enterprise Archit
Presales Solution Architect
الرياض, KSA
Atos seeks a Presales Solution Architect to lead strategic visioning and enterprise architecture for Data & AI solutions in KSA. Requires 15+ years of IT experience with 5+ years in senior Data, AI/ML, or Enterprise Arch
Product Manager
Riyadh, KSA
Novo Nordisk seeks a Product Manager for Rare Disease in Riyadh to lead marketing strategy for Haemophilia, Rare Bleeding Disorders, and Growth Disorders. Requires a university degree in Pharmacy or Life Sciences, 2+ yea
CGO - Account Sales Executive
Dubai, UAE
About Atos Group Atos Group is a global leader in digital transformation with c. 67,000 employees and annual revenue of c. €10 billion, operating in 61 countries under two brands — Atos for services and Eviden for produc
CGO - Account Sales Executive
, UAE
Atos is seeking a dynamic Sales Manager to expand its footprint in UAE, focusing on generating new business and managing client relationships in the public sector. The role requires 10-12+ years of IT sales experience an
Senior Project Manager - QC Laboratory
Riyadh, KSA
Novo Nordisk seeks a Senior Project Manager for QC Laboratory to lead technology transfer and analytical method transfer for a localization program in Riyadh. The role involves coordinating QC lab readiness, ensuring GMP
Presales Principal Architect
Riyadh, KSA
Atos seeks a Presales Principal Architect to lead sovereign multi-cloud and modern IT & smart infrastructure solutions for clients in KSA. The role involves enterprise architecture, business case development, and presale
Presales Principal Architect
الرياض, KSA
Atos seeks a Senior Presales Sovereign Multi-Cloud and Modern IT & Smart Infrastructure Solution Architect to lead technology and transformation initiatives for clients in KSA. The role requires deep technical expertise
Presales Solution Architect
Riyadh, KSA
Presales Solution Architect
الرياض, KSA
Product Manager
Riyadh, KSA
CGO - Account Sales Executive
Dubai, UAE
CGO - Account Sales Executive
, UAE
Senior Project Manager - QC Laboratory
Riyadh, KSA
Presales Principal Architect
Riyadh, KSA
Presales Principal Architect
الرياض, KSA
