SOC L3

Role Overview

CyberGate Defense is hiring a SOC L3 professional in Abu Dhabi to take ownership of advanced security operations, guide the analyst team, and strengthen the organization’s detection and response capability. This position is suited to an experienced cybersecurity leader who can manage complex incidents, improve SOC processes, and contribute strategic security insight.

Key Responsibilities

• Coach, support, and supervise SOC analysts so they can grow their technical capabilities and perform at a higher standard.
• Act as the senior escalation contact for difficult or high-impact security incidents, delivering expert analysis and decisive response support.
• Create, refine, and maintain SOPs, incident playbooks, and response plans to make SOC operations more consistent and efficient.
• Review alerts, incidents, and operational data on a regular basis to spot trends, control gaps, and improvement opportunities.
• Work closely with teams across IT, engineering, and compliance to implement security controls, secure configurations, and risk-reduction practices.
• Perform threat intelligence analysis to track emerging threats, vulnerabilities, and attacker techniques, and feed those findings into defense planning.
• Run incident response drills, tabletop exercises, and post-incident reviews to improve readiness and response quality.
• Keep current with new cybersecurity tools, technologies, and industry practices, and assess how they can enhance SOC capabilities.
• Serve as a cybersecurity subject matter expert and advise senior leadership on initiatives, projects, and investments.
• Use advanced threat intelligence approaches to detect cyber threats that may have bypassed existing controls.
• Carry out compromise assessments, penetration testing, and vulnerability assessments, then recommend actions based on the results.
• Suggest improvements to security monitoring tools based on threat hunting outcomes.
• Develop cyber indicators to maintain situational awareness in a rapidly changing threat environment.
• Research threats, gather and analyze data, and evaluate intelligence to support security operations.
• Expand the use of monitoring tools to better address business needs, threat changes, incident root causes, and analytics outputs.
• Prepare focused reports and executive briefings on advanced cyber threats for different teams and leaders.
• Oversee SOC process management in line with SOC operations requirements.

Qualifications

• A bachelor’s degree in Information Security or a related field, or equivalent practical experience.
• About 7 to 9 years of experience in security operations, with increasing responsibility and leadership over time.
• Strong knowledge of cybersecurity tools and frameworks, including SIEM, EDR, threat intelligence platforms, and incident response methodologies.
• Solid understanding of network protocols, operating systems, and cloud environments, with the ability to interpret logs and network traffic.
• Proven experience leading response efforts for complex security events, including forensic work, malware reverse engineering, and digital investigations.
• Excellent leadership and communication skills, with the ability to guide a team and collaborate effectively with stakeholders at all levels.
• Certifications such as CISSP, GCIH, or CISM are strongly preferred.
• Experience in a regulated sector such as finance, healthcare, or government, along with familiarity with compliance requirements, is an added advantage.

Additional Information

This is a full-time, onsite position based in Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates.

No stipend or salary amount was specified in the source.