Position Overview
We are seeking a Security Tools & Technologies Specialist to manage, integrate, and optimize security platforms for our DevSecOps team across AWS cloud and enterprise environments.
This is a hands-on role, responsible for ensuring our security stack — commercial and open-source — is fully deployed, tuned, automated, and aligned with the needs of SOC, AI & IT Security, and DevSecOps.
Key Responsibilities
Deploy, configure, and manage security tools including Wazuh, ELK/Elastic Stack, Grafana, AWS CloudWatch, MISP, TheHive, Cortex, CrowdStrike/Defender, OpenVAS, OSSEC, Zeek, Suricata, AWS Security Hub, GuardDuty, Inspector, Config, WAF, Shield, Macie, AWS IAM, Secrets Manager, Arcon/Delinea/CyberArk.
Implement and operate open-source threat hunting and DFIR tools such as Velociraptor, Osquery/Kolide, Volatility, Sysmon, Sigma rules, and develop custom detection rules and hunting queries.
Integrate tools with AWS workloads, enterprise IT systems, and CI/CD pipelines, ensuring strong coverage across infrastructure, applications, and DevSecOps environments.
Tune alerts, dashboards, playbooks, and pipelines to reduce false positives and improve detection accuracy, while creating meaningful visualizations and dashboards in Grafana, Kibana, and CloudWatch.
Automate workflows and enrich alerts using SOAR platforms, Python, Bash, PowerShell, and APIs, enabling faster internal response and reporting.
Review, assess, and onboard new tools and integrations (open-source or enterprise), conduct POCs, bake-offs, lifecycle management, upgrades, and patching, and ensure proper documentation and runbooks are maintained.
Support internal SOC and IT Security teams with enriched telemetry, detection rules, forensics, and investigation data, while proactively conducting threat hunts and anomaly detection.
Provide tooling support during audits, compliance reviews, tabletop exercises, and incident response simulations, ensuring that evidence and reports align with ISO 27001, NIST CSF, PCI DSS, SOC 2, GDPR, UAE PDPL, NESA, and CBUAE requirements.
Train and enable internal teams on the use of tools, dashboards, and hunting techniques, while acting as the go-to person for troubleshooting, optimization, and continuous improvement.
Qualifications
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
5–8 years of hands-on security operations experience, with a strong background in security tool deployment, integration, and hunting enablement.
Expertise with AWS-native security services and open-source SOC/DFIR toolchains (TheHive, MISP, Wazuh, Velociraptor, Osquery, Zeek, Suricata, Grafana, Elastic, OpenVAS, Sysmon/Sigma).
Experience with commercial tools (SIEM/SOAR, EDR/XDR, IAM/PAM, DLP, CSPM, CWPP).
Solid knowledge of incident response, log analysis, detection engineering, and threat hunting methodologies.
Understanding of compliance frameworks: ISO 27001, NIST, PCI DSS, SOC 2, GDPR, UAE PDPL, NESA, CBUAE.
Preferred Certifications
AWS Certified Security – Specialty.
GIAC GCDA / GCFA / GCIA (DFIR/hunting).
Elastic/Splunk/CrowdStrike certifications.
Security+ / CySA+ / GSEC.
Bonus:
Contributions to open-source security projects.
Key Competencies
Hands-on operator with a builder mindset.
Strong threat hunting and detection engineering skills.
Proficient in scripting/automation (Python, Bash, PowerShell).
Ability to balance open-source and enterprise tools for ROI and coverage.
Collaborative, proactive, and detail-oriented, with a focus on internal SOC enablement.