Senior SOC Analyst

Full time on site
Senior SOC Analyst
Job Description

Senior SOC Analyst

Location: UAE / Middle East (On-site / Shift-based)
Job Type: Full-Time
Department: Managed Security Services – SOC
Experience: 3–6 Years (SOC / Security Operations)
Reports To: SOC Team Lead

About ProofOps

ProofOps is a cybersecurity services company helping organizations across the UAE and Middle East strengthen their security posture through practical, outcome-driven programs.

We deliver a broad portfolio of Managed Security Services, including:

  • Managed SOC
  • Digital Forensics \& Incident Response (DFIR)
  • Vulnerability Assessment \& Penetration Testing (VAPT)
  • Brand Protection
  • Network Security Services

Our Managed SOC provides 24/7 threat monitoring, detection, and response for enterprise customers across the region. The Senior SOC Analyst plays a critical role in improving detection quality, conducting investigations, and ensuring effective incident response.

Job Overview

We are looking for a technically skilled Senior SOC Analyst to join our Security Operations team.

This is an L3-level role responsible for complex security investigations, incident response, threat hunting, detection improvement, and mentoring junior analysts.

The ideal candidate should have strong experience working in a SOC environment, handling real security incidents, improving detection capabilities, and supporting a multi-customer MSSP environment.

Key Responsibilities

  • Perform advanced triage, investigation, and analysis of security alerts across multiple SIEM environments.
  • Act as an L3 escalation point for complex and high-severity security incidents.
  • Lead incident response activities including:
  • Containment
  • Eradication
  • Recovery
  • Post-incident reviews
  • Conduct proactive threat hunting using:
  • Threat intelligence
  • MITRE ATT\&CK framework
  • Customer-specific risk profiles
  • Develop and tune SIEM detection rules, correlation logic, and alert thresholds.
  • Create and maintain incident response playbooks and SOC runbooks.
  • Prepare detailed incident reports and post-incident documentation.
  • Analyze threat intelligence, IOCs, TTPs, and attacker behavior.
  • Investigate security events across:
  • EDR platforms
  • Network logs
  • Identity systems
  • Cloud environments
  • Application logs
  • Provide technical guidance and mentorship to L1/L2 SOC analysts.
  • Support customer onboarding activities including:
  • Log source validation
  • Baseline reviews
  • Security use-case configuration
  • Participate in SOC shift handovers and maintain investigation continuity.

Required Skills \& Experience

  • 3–6 years of hands-on experience in SOC or Security Operations.
  • Minimum 1–2 years of L2/L3 SOC analyst experience.
  • Experience handling security alerts, investigations, and incident response in a live SOC environment.
  • Strong experience with at least one SIEM platform:
  • Microsoft Sentinel
  • Splunk
  • IBM QRadar
  • Elastic SIEM
  • Similar platforms
  • Experience with EDR solutions:
  • CrowdStrike Falcon
  • SentinelOne
  • Microsoft Defender for Endpoint
  • Similar platforms
  • Strong understanding of:
  • MITRE ATT\&CK Framework
  • Threat hunting methodologies
  • Detection engineering concepts
  • Knowledge of network security fundamentals:
  • TCP/IP
  • DNS
  • HTTP/S
  • Firewall logs
  • Proxy logs
  • Network attack patterns
  • Experience analyzing Windows and Linux security artifacts:
  • Event logs
  • Process trees
  • Registry
  • Scheduled tasks
  • Persistence mechanisms
  • Ability to create professional incident reports and customer documentation.

Required Certifications

Candidates must hold at least one of the following certifications:

  • Blue Team Level 2 (BTL2) – Security Blue Team
  • GIAC Certified Incident Handler (GCIH) – GIAC/SANS
  • GIAC Certified Forensic Analyst (GCFA) – GIAC/SANS
  • CompTIA CASP+ (Advanced Security Practitioner)

Preferred Certifications

  • Blue Team Level 1 (BTL1)
  • Microsoft SC-200 (Security Operations Analyst)
  • Certified SOC Analyst (CSA) – EC-Council
  • CompTIA CySA+
  • GIAC Cyber Threat Intelligence (GCTI)

Preferred Qualifications

Experience with the following is an advantage:

  • MSSP or multi-tenant SOC environments.
  • SOAR platforms:
  • Microsoft Sentinel SOAR
  • Palo Alto Cortex XSOAR
  • Splunk SOAR
  • Cloud security monitoring:
  • Azure
  • AWS
  • GCP
  • Digital forensics activities:
  • Memory analysis
  • Disk analysis
  • Browser artifacts
  • Timeline analysis
  • Threat intelligence platforms:
  • MISP
  • OpenCTI
  • Recorded Future
  • Security automation using:
  • Python
  • PowerShell
  • KQL
  • UAE/Middle East SOC delivery experience and familiarity with regional security frameworks.

Soft Skills

  • Strong analytical and investigation skills.
  • Calm decision-making during high-severity incidents.
  • Proactive approach toward learning and threat research.
  • Strong communication skills with technical and non-technical stakeholders.
  • Ability to mentor junior team members.
  • High attention to detail in reports, documentation, and case management.

What We Offer

  • Competitive compensation based on experience and certifications.
  • Annual training and certification budget.
  • Exposure to real security incidents and enterprise environments.
  • Opportunity to work with modern SOC tools and automation platforms.
  • Career growth opportunities into:
  • SOC Team Lead
  • Detection Engineer
  • DFIR Analyst
  • A cybersecurity-focused culture built around technical excellence, ownership, and continuous learning.

If you are passionate about security operations, threat detection, and incident response, we would love to hear from you.

Pay: From AED8,000.00 per month

Application Question(s):

  • Do you have required certifications
  • Do you have 3 or more years of experience

Work Location: In person

Share this job:
ES Assistant Online
Hello! I am your AI career assistant. How can I help you today?