[Remote] Cyber Security Specialist (SOC / Incident Response)

Note: The job is a remote job and is open to candidates in USA. NorthBay is seeking a Cyber Security Specialist to support day-to-day cybersecurity operations for a large enterprise customer in the UAE. This operational role focuses on SIEM monitoring, incident response, vulnerability management, and maintaining compliance-aligned security operations. Responsibilities • Monitor and analyze security events using SIEM, including alert triage, correlation validation, and escalation handling • Execute incident response activities: triage, containment coordination, evidence capture, and support for root-cause analysis • Operate and manage EDR tooling: policy management, alert handling, containment actions, and endpoint investigation support • Support vulnerability management execution: scanning coordination, triage, remediation tracking, and verification • Perform basic threat hunting and proactive detection improvements based on observed patterns and recurring incidents • Maintain incident response playbooks, operational SOPs, and case documentation with high-quality reporting • Support ISO 2700, SOC 2, PCI/DSS operational compliance through evidence collection, reporting, and control execution • Coordinate with platform, network, and application teams to resolve security events within defined timelines and processes Skills • 7–8 years of experience in SOC / Cyber Security Operations / Incident Response • Strong hands-on experience with SIEM operations (alerts, use-cases, dashboards, reporting) • Strong working experience with EDR tools and endpoint investigation fundamentals • Practical understanding of incident response lifecycle and operational documentation discipline • Experience coordinating remediation with cross-functional teams in hybrid/on-prem environments • Strong knowledge of ISO 27001, SOC 2, PCI/DSS operational control expectations (logging, access, incident handling, evidence) • CompTIA Security+, CySA+, CEH • CISSP or CISM • PCIP (ISA) – PCI Professional (Internal Security Assessor) • Qualified Security Assessor (QSA) (where applicable/available) • GIAC certifications (GCIA, GCIH, GCED) • AWS Certified Security – Specialty • AWS Certified Solutions Architect – Associate • arenaflex Azure Security Engineer Associate (AZ-500) • Telecom, Government or regulated sector experience in security operations • Familiarity with structured detection frameworks (e.g., MITRE ATT&CK) and improved alert engineering • Scripting/automation exposure for reporting and operational efficiency Company Overview • NorthBay is AWS Premier Consulting Partner and also partnered with VMware, CloudRail and SAP in support of our Customers’ AWS cloud journeys. It was founded in 2010, and is headquartered in Andover, Massachusetts, USA, with a workforce of 201-500 employees. Its website is Apply tot his job Apply tot his job