Senior SOC Analyst
Location: UAE / Middle East (On-site / Shift-based)
Job Type: Full-Time
Department: Managed Security Services – SOC
Experience: 3–6 Years (SOC / Security Operations)
Reports To: SOC Team Lead
About ProofOps
ProofOps is a cybersecurity services company helping organizations across the UAE and Middle East strengthen their security posture through practical, outcome-driven programs.
We deliver a broad portfolio of Managed Security Services, including:
- Managed SOC
- Digital Forensics \& Incident Response (DFIR)
- Vulnerability Assessment \& Penetration Testing (VAPT)
- Brand Protection
- Network Security Services
Our Managed SOC provides 24/7 threat monitoring, detection, and response for enterprise customers across the region. The Senior SOC Analyst plays a critical role in improving detection quality, conducting investigations, and ensuring effective incident response.
Job Overview
We are looking for a technically skilled Senior SOC Analyst to join our Security Operations team.
This is an L3-level role responsible for complex security investigations, incident response, threat hunting, detection improvement, and mentoring junior analysts.
The ideal candidate should have strong experience working in a SOC environment, handling real security incidents, improving detection capabilities, and supporting a multi-customer MSSP environment.
Key Responsibilities
- Perform advanced triage, investigation, and analysis of security alerts across multiple SIEM environments.
- Act as an L3 escalation point for complex and high-severity security incidents.
- Lead incident response activities including:
- Containment
- Eradication
- Recovery
- Post-incident reviews
- Conduct proactive threat hunting using:
- Threat intelligence
- MITRE ATT\&CK framework
- Customer-specific risk profiles
- Develop and tune SIEM detection rules, correlation logic, and alert thresholds.
- Create and maintain incident response playbooks and SOC runbooks.
- Prepare detailed incident reports and post-incident documentation.
- Analyze threat intelligence, IOCs, TTPs, and attacker behavior.
- Investigate security events across:
- EDR platforms
- Network logs
- Identity systems
- Cloud environments
- Application logs
- Provide technical guidance and mentorship to L1/L2 SOC analysts.
- Support customer onboarding activities including:
- Log source validation
- Baseline reviews
- Security use-case configuration
- Participate in SOC shift handovers and maintain investigation continuity.
Required Skills \& Experience
- 3–6 years of hands-on experience in SOC or Security Operations.
- Minimum 1–2 years of L2/L3 SOC analyst experience.
- Experience handling security alerts, investigations, and incident response in a live SOC environment.
- Strong experience with at least one SIEM platform:
- Microsoft Sentinel
- Splunk
- IBM QRadar
- Elastic SIEM
- Similar platforms
- Experience with EDR solutions:
- CrowdStrike Falcon
- SentinelOne
- Microsoft Defender for Endpoint
- Similar platforms
- Strong understanding of:
- MITRE ATT\&CK Framework
- Threat hunting methodologies
- Detection engineering concepts
- Knowledge of network security fundamentals:
- TCP/IP
- DNS
- HTTP/S
- Firewall logs
- Proxy logs
- Network attack patterns
- Experience analyzing Windows and Linux security artifacts:
- Event logs
- Process trees
- Registry
- Scheduled tasks
- Persistence mechanisms
- Ability to create professional incident reports and customer documentation.
Required Certifications
Candidates must hold at least one of the following certifications:
- Blue Team Level 2 (BTL2) – Security Blue Team
- GIAC Certified Incident Handler (GCIH) – GIAC/SANS
- GIAC Certified Forensic Analyst (GCFA) – GIAC/SANS
- CompTIA CASP+ (Advanced Security Practitioner)
Preferred Certifications
- Blue Team Level 1 (BTL1)
- Microsoft SC-200 (Security Operations Analyst)
- Certified SOC Analyst (CSA) – EC-Council
- CompTIA CySA+
- GIAC Cyber Threat Intelligence (GCTI)
Preferred Qualifications
Experience with the following is an advantage:
- MSSP or multi-tenant SOC environments.
- SOAR platforms:
- Microsoft Sentinel SOAR
- Palo Alto Cortex XSOAR
- Splunk SOAR
- Cloud security monitoring:
- Azure
- AWS
- GCP
- Digital forensics activities:
- Memory analysis
- Disk analysis
- Browser artifacts
- Timeline analysis
- Threat intelligence platforms:
- MISP
- OpenCTI
- Recorded Future
- Security automation using:
- Python
- PowerShell
- KQL
- UAE/Middle East SOC delivery experience and familiarity with regional security frameworks.
Soft Skills
- Strong analytical and investigation skills.
- Calm decision-making during high-severity incidents.
- Proactive approach toward learning and threat research.
- Strong communication skills with technical and non-technical stakeholders.
- Ability to mentor junior team members.
- High attention to detail in reports, documentation, and case management.
What We Offer
- Competitive compensation based on experience and certifications.
- Annual training and certification budget.
- Exposure to real security incidents and enterprise environments.
- Opportunity to work with modern SOC tools and automation platforms.
- Career growth opportunities into:
- SOC Team Lead
- Detection Engineer
- DFIR Analyst
- A cybersecurity-focused culture built around technical excellence, ownership, and continuous learning.
If you are passionate about security operations, threat detection, and incident response, we would love to hear from you.
Pay: From AED8,000.00 per month
Application Question(s):
- Do you have required certifications
- Do you have 3 or more years of experience
Work Location: In person