Experience in cybersecurity engineering, security architecture, or technical risk management--Must
Vulnerability management, incident response, and threat modeling.--Must
Working knowledge of compliance and security frameworks: ISO 27001, UAEIA, NIST CSF, MITRE ATT&CK--Must
Implementation and validation reports for newly deployed security tools (e.g., EDR, DLP, SOAR).--Must
Strong understanding of network security technologies including firewalls, WAFs, IDS/IPS--Must
Hands-on experience with tools such as SIEM (e.g., Splunk, QRadar), SOAR, EDR/XDR, vulnerability scanners (e.g., Tenable, Qualys), and PAM solutions (CyberArk, BeyondTrust).--Must
Key Responsibilities:
Security Architecture & Engineering:
Design and implement secure architecture across IT and OT systems, ensuring defense-in-depth and secure-by-design principles.
Develop and maintain security controls for infrastructure, endpoints, cloud, and applications.
Validate the security of network, system, and cloud configurations to ensure alignment with architecture standards and compliance requirements.
Vulnerability & Risk Management:
Conduct regular vulnerability assessments and threat modeling for enterprise assets.
Analyze and prioritize risks; coordinate remediation efforts with infrastructure and application teams.
Ensure alignment of risk mitigation efforts with ISO 27001, UAEIA, and NIST standards.
Security Operations & Monitoring
Review alerts, logs, and indicators of compromise to support continuous monitoring and response.
Recommend and implement automation or tuning improvements to reduce false positives and improve detection accuracy.
Cloud & Application Security
Engineer secure configurations and architectures for multi-cloud environments (AWS, Azure, GCP).
Integrate security controls within CI/CD pipelines and DevSecOps practices.
Participate in secure code review processes and support application security testing (SAST, DAST).
Incident Response & Forensics:
Provide technical leadership during cyber incidents, performing root cause analysis and digital forensics.
Update incident playbooks and lead post-incident review sessions.
Maintain evidence handling procedures aligned with regulatory and legal standards.
Compliance & Policy Alignment:
Ensure cybersecurity policies, standards, and procedures meet UAEIA, ISO 27001/27002, and internal audit requirements.
Contribute to audit readiness by maintaining accurate technical documentation and access control records.
Support internal reviews and regulatory assessments with technical input.
Stakeholder Collaboration:
Collaborate with SOC, IT infrastructure, application, risk, and audit teams to embed security into projects and operations.
Review network and system architecture from a security perspective and provide risk-based recommendations.
Participate in change management processes to evaluate security impact.
Technical Expertise:
Strong understanding of network security technologies including firewalls, WAFs, IDS/IPS — with ability to review their configuration from a security and compliance perspective.
Hands-on experience with tools such as SIEM (e.g., Splunk, QRadar), SOAR, EDR/XDR, vulnerability scanners (e.g., Tenable, Qualys), and PAM solutions (CyberArk, BeyondTrust).
Experience in securing cloud-native and hybrid environments.
Familiarity with secure development practices, DevSecOps, and container security (e.g., Docker, Kubernetes).
Proficiency in scripting (Python, PowerShell, Bash) to automate security tasks and analysis.
Required Skills And Qualifications (5-8 Years Of Experience)
Proven experience in cybersecurity engineering, security architecture, or technical risk management.
Strong understanding of network, endpoint, cloud, and application security principles.
Experience with vulnerability management, incident response, and threat modeling.
Working knowledge of compliance and security frameworks: ISO 27001, UAEIA, NIST CSF, MITRE ATT&CK.
Ability to communicate security risks and recommendations clearly to technical and non-technical audiences.
Relevant certifications such as CISSP, OSCP, CEH, GCIA, CCSP, or equivalent are strongly preferred.
Key Deliverables:
Security Architecture & Engineering:
Secure architecture diagrams, security design documentation, and technical standards.
Assessment reports on system and infrastructure configurations with risk mitigation recommendations.
Vulnerability & Risk Management:
Regular vulnerability scan analysis, remediation tracking, and risk reports.
Threat models and risk assessments aligned with business and regulatory priorities.
Security Operations & Monitoring:
Detection use case documentation and SIEM/SOAR correlation rules.
Metrics dashboards showing alert fidelity and incident response improvements.
Cloud & Application Security:
CI/CD security validation checklists and application testing reports.
Cloud security posture assessments and hardening reports.
Incident Response & Forensics
Incident logs, investigation summaries, and post-incident reports.
Updated IR playbooks and forensics documentation.
Deliverable:
Documentation & Policy Alignment:
Technical SOPs and secure configuration baselines aligned with UAEIA and ISO 27001 standards.
Audit-ready documentation for network changes and access controls.
Compliance & Policy Alignment
Technical SOPs, access control documentation, and audit evidence packs.
Logs of policy exceptions, changes, and mitigation actions.
Cybersecurity and Network Knowledge
Deliverable:
Quarterly security landscape report outlining relevant trends, risks, and recommendations for network security enhancements.
Knowledge-sharing session logs or training materials developed for internal teams.
Security Architecture & Engineering
Security architecture review reports and approval checklists for new or updated systems.
Reference architectures for secure network segmentation, Zero Trust, and cloud environments.
Implementation and validation reports for newly deployed security tools (e.g., EDR, DLP, SOAR).
Security control design documents mapped to threat models and business use case
Skills: risk, cybersecurity, cloud
Join TAT IT Technolgies and take your career to the next level!