Security Engineer (Defense) - Relocate to Dubai (UAE)

Position OverviewThe Detection & Response Engineer combines detection engineering and incident-response functions in a single role. The incumbent will author and tune high-fidelity detections, harden security baselines and lead critical incident response engagements from containment through root-cause analysis. Success is measured by the velocity and quality of rule promotion, reduced false positives, rapid mean-time-to-respond, and shortened detection windows for emerging TTPs.Core Responsibilities 1. Detection Engineering • Author, refine, and promote SIEM/XDR analytics using Sigma, KQL, and SPL.• Develop and maintain parsers/ETL pipelines; normalise telemetry across Windows, M365/OAuth, AWS, and Azure logs.• Operate a test harness to replay attack chains and quantify false-positive / false-negative rates before production release2. Security Baseline Hardening• Implement and update security controls via IaC (Terraform, CloudFormation, Ansible).• Drive configuration compliance for operating systems, identity platforms, and cloud services.3. Incident Response (P1 Lead)• Serve as primary responder for Priority-1 incidents: containment, scoping, eradication, and recovery.• Produce detailed timelines, root-cause analyses, and lessons-learned reports.4. Continuous Audit, Improvement & Governance• Conduct periodic audits to benchmark compliance coverage• Promote rules through formal change-control processes, including peer review and rollback plans.• Measure and report FP/FN statistics; collaborate with Purple Team to prioritise coverage gaps and new TTPs.5. Threat Research & Replay• Integrate threat-intel feeds; lead replay exercises to verify detection efficacy against new vulnerabilities and adversary techniques.• Publish internal knowledge articles to disseminate findings and guidance.