Emirates Investment Bank pjsc
Senior Associate – Security Operation Centre
Emirates Investment Bank pjsc | United Arab Emirates | 20 hours ago
Full-time | Remote Friendly | Other

Job Purpose:

The Senior Associate – Security Operations Centre (SOC) will play a pivotal role within the Information Security team, serving as a primary responder to cybersecurity threats targeting the bank’s critical systems and digital infrastructure across both cloud environments and on-premises. This position is responsible for the continuous monitoring, analysis, and response to security incidents, while ensuring the confidentiality, integrity, and availability of critical systems.

The role also involves close collaboration with cross-functional teams to enhance the bank’s security operations capabilities and maintain a robust cybersecurity posture.


Key Responsibilities:

  • Monitor, analyze, and respond to security events using MXDR SIEM, EDR, and DLP tools.
  • Lead end-to-end incident response activities, including triage, investigation, containment, remediation, and post-incident reviews.
  • Correlate internal telemetry with threat intelligence to identify and mitigate emerging risks.
  • Conduct proactive threat hunting and anomaly detection across hybrid environments (on-prem and cloud).
  • Manage and optimize SOC dashboards, reports, and KPIs for operational visibility and executive reporting.
  • Provide oversight and monitoring of on-premises and cloud (Azure) environments, ensuring alignment with security best practices.
  • Collaborate with IT, Desktop, and Application teams to ensure that logs from critical systems and applications (on-premises and cloud) are sent to the SIEM for monitoring.
  • Support regulatory compliance assessments (UAE IA, SWIFT, PCI-DSS) through gap assessments and remediation tracking.
  • Perform vulnerability and compliance baseline scans (Qualys) and coordinate with IT Operations on patching activities.
  • Continuously improve SOC processes, playbooks, and automation workflows to enhance efficiency and response times.
  • Conduct user access reviews, Firewall/IPS rule/policy checks, and security device configuration audits.
  • Develop and monitor data leakage prevention and data classification solutions, escalate data leakage alerts to the manager, and ensure the bank's data is classified, monitored, and protected in accordance with the data classification policy.
  • Plan and deliver security awareness programs, phishing simulations, and targeted information security training.
  • Support the creation, review, and updating of security policies, guidelines, and procedures.
  • Review alerts from the brand protection solution and coordinate with the vendor to mitigate such alerts.
  • Support risk assessments and user access reviews for critical applications, infrastructure, the cloud environment, and third parties that offer critical services to the bank.
  • Mentor trainees and contribute to the overall maturity and capability uplift of the SOC.


Qualification & Certification:

Education & Technical Proficiency:

  • Master’s or bachelor’s degree in Computer Engineering, Information Security, or a related field from a recognized university.
  • Working experience in different information security / IT security domains.
  • Working knowledge of or familiarity with Splunk, Azure Sentinel, Forcepoint Proxy, Azure Security.
  • Hands-on experience with DLP and data classification solutions (e.g., Forcepoint, Microsoft Purview).
  • Solid understanding of cloud security (Microsoft Azure) monitoring and compliance standards.
  • Vulnerability and Compliance management tools (Qualys) and log aggregation platforms.
  • Familiarity with GRC or risk management platforms (e.g., ServiceNow GRC, MetricStream) is an advantage.
  • Familiarity with automation scripting (e.g., Python) is a plus.


Certifications:

  • Information Security Certifications: Azure Security Engineer (AZ-500), CISA, Security+, CEH, GCIA, or equivalent industry certifications (any two certifications are a must).
  • Professional certifications such as CCSK, CISM, CRISC (good to have).


Experience & Skills:

Experience:

  • 6-7 years of progressive experience in cybersecurity, with at least 3-4 years in a banking or financial services SOC environment.

Skills:

  • Strong analytical and problem-solving abilities and report writing skills.
  • Excellent communication skills, capable of translating complex technical issues for non-technical stakeholders.
  • High ownership mindset with the ability to perform under pressure in a challenging environment.
  • Effective stakeholder management and a collaborative team player.
  • Passion for continuous learning and staying current with the evolving threat landscape.
