Job Title
Security Analyst – SOC L2 (Audit & Compliance Support)
Job Summary
The L2 Security Analyst will support Security Operations Center (SOC) functions by handling intermediate to advanced security incidents and supporting audit and compliance activities in accordance with Dubai Government cybersecurity regulations. The role focuses on incident investigation, control validation, audit evidence preparation, and ensuring compliance with DESC ISR, ISO 27001, and other applicable requirements.
Key Responsibilities
SOC Operations & Incident Handling (L2)
•Investigate and respond to Level 2 security incidents escalated from L1 analysts
•Perform detailed log analysis using SIEM, EDR, NDR, and cloud security tools
•Identify root cause, scope, and impact of security incidents
•Coordinate incident containment, eradication, and recovery activities
•Ensure incidents are documented and handled as per approved SOC procedures
Audit & Regulatory Compliance Support
•Support internal and external audits related to DESC ISR, ISO 27001, and other applicable frameworks
•Collect, validate, and maintain audit evidence (alerts, logs, access reviews, incident tickets, screenshots)
•Assist in control effectiveness testing and compliance validation
•Support remediation tracking for audit findings and regulatory gaps
•Ensure SOC activities meet Dubai Government cybersecurity control requirements
Threat Monitoring & Use Case Tuning
•Support SIEM use case enhancement and alert tuning to reduce false positives
•Assist in threat hunting activities
•Review and improve detection
Documentation & Reporting
•Maintain incident response documentation, SOC runbooks, and audit artifacts
•Prepare incident summaries, RCA reports, and compliance-related documentation
•Support preparation of security metrics and audit reports
Mandatory Qualifications
•Bachelor’s degree in information security, IT, or related field
•3–5 years of experience in SOC operations or security monitoring
•Hands-on experience with SIEM platforms (Splunk, QRadar, Sentinel, etc.)
•Experience supporting audits and managing compliance evidence
Preferred Qualifications
•Experience in Government or regulated-sector environments
•Exposure to cloud security (Azure / AWS)
•Familiarity with GRC tools (ServiceNow GRC, Archer, etc.)
Certifications (Preferred)
•GCIH or equivalent
•ISO 27001 Foundation or Internal Auditor
Key Skills
•Strong documentation and communication skills
•Security incident investigation
•Log analysis and correlation
•Audit evidence handling
•Regulatory compliance awareness