Security Admin L2

Year    Mumbai, Maharashtra, India

Job Description

Job Brief:
We are seeking a skilled Security Admin L2 to support security investigations, incident response, and SIEM monitoring.
In this role, you will analyze alerts, guide L1 analysts, coordinate incident response, and perform deep-dive investigations across various security technologies. You will also help optimize SOC processes, fine-tune SIEM rules, and ensure strong communication across internal teams.
This role is ideal for professionals with hands-on SOC experience and strong knowledge of attack techniques and industry frameworks.
Responsibilities:

  • Conduct security investigations and triage incidents raised by L1 analysts or high-severity SIEM alerts.
  • Guide L1 SOC analysts on incident resolution and containment techniques.
  • Act as the lead coordinator during security incidents and ensure timely response and closure.
  • Perform detailed investigations using packet capture (PCAP) files when required.
  • Analyze logs from firewalls, DNS security tools, proxy systems, and endpoint security platforms.
  • Recommend SIEM rule tuning and report optimization to reduce false positives.
  • Work closely with cross-functional teams for incident response, issue resolution, and performance troubleshooting.
  • Communicate clearly with customers, SOC team members, and management as needed.
  • Prepare scheduled reports and dashboards for stakeholders.
  • Create or update Standard Operating Procedures (SOPs) as required.
  • Provide recommendations to enhance security systems, SOC processes, policies, and procedures.
Qualifications:
Education:
  • BE / B.Tech / BCA / MCA / BSc (IT or Computer-related fields)
Certifications:
  • CCNA
  • CEH
  • Any SIEM Technical Certification (preferred)
Technical Expertise:
  • Minimum 1 year of hands-on experience with LogRhythm or any other major SIEM tool.
  • Strong understanding of attack techniques and frameworks such as MITRE ATT&CK and NIST.
  • Experience in log analysis across Firewalls, DNS Security, Proxy, and Endpoint Security.
  • Incident Response and Incident Resolution experience.
  • Knowledge of IT Service Management processes.
Why Join Us?
  • Opportunity to work with leading SIEM and security technologies.
  • High-visibility role within a mature SOC environment.
  • Chance to mentor junior analysts and grow into senior SOC roles.
  • Strong culture focused on learning, security excellence, and continuous improvement.
Application Instructions:
If you meet the above qualifications and are eager to advance your cybersecurity career, please share your updated resume at:
resumes@empglobal.ae
or apply directly through this platform.
Note: Only shortlisted candidates will be contacted. Thank you for your understanding.


Job Detail

  • Job Id
    JD4752802
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Mumbai, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year