Operational Engineer L 2 – Web Application Security

at  The Emirates Group

Job Purpose: At Emirates, we believe in connecting the world, to and through, our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better ’. Our Cyber Defence Operations team is looking to urgently hire a n Operational Engineer Level 2 – Web Application Security to dive into the intricate world of web application security, ensuring the safety of our online platforms.
Y
our role is to lead and oversee Cybersecurity analysis, activities
monitoring
and investigations within a shift
.
You will handle advanced incidents and service requests and guide Level 1 engineers and
provide
expertise
in complex troubleshooting scenarios.
Additionally
you will coordinate with escalation engineers on the investigation and resolution of critical cybersecurity incidents as well as ensure
accurate
triage,
timely
escalation
and resolution within SLAs.
This role is on-site and based on shift rotation within a 24x7 Operation.
What you will do:
- Address escalated incidents and service requests.
- Guide Level 1 engineers in troubleshooting.
- Ensure
timely
resolution and
fulfilment
of escalated issues.
-
Maintain
clear documentation of complex incidents.
-
Monitor
external threat data sources to
maintain
the cyber network defence threat conditions and
determine
which security issues may have an impact on the enterprise.
- Perform a detailed analysis of cyber threat adversaries and recommend preventative countermeasures.
- Assess and
identify
Advance Persistent Threat (APT) activities.
-
Maintain
and support the shift log for effective shift handover.
- Monitor and review triage activities performed by the L1 analysts and ensure
accurate
closure.
-
Assist
in creating playbooks and updating the knowledge base repository.
Specific knowledge and skills
for the role of
Operational Engineers Level 2 - Web Application Security
.
The following are critical skills required to be successful in this role:
-
Configuration and Deployment:
Proficiency
in setting up and deploying both WAFs and Network Firewalls within the network infrastructure, understanding their roles in protecting web applications and securing the network perimeter.
-
Policy Management:
Creation and management of security policies for both WAFs and Network Firewalls, tailoring rules to protect against various threats (such as SQL injection, XSS, malware, unauthorized access) and ensuring
accurate
traffic filtering.
-
Rule Configuration and Monitoring:
Configuration and monitoring of
firewall
rules, both for web application traffic and network traffic, ensuring effective filtering,
identifying
potential security threats, and performing basic analysis to detect anomalies.
-
Incident Response and Collaboration:
Understanding of incident response protocols related to both WAFs and Network Firewalls, including initial response to alerts, incident identification, reporting, and collaboration with teams to address security events.
-
Documentation and Reporting:
Maintaining
documentation for both WAF and Network Firewall configurations, policies, and incident responses, as well as generating basic reports on
firewall
activities and security incidents for future reference.
Qualifications & Experience: What you will bring:
Qualifications:
A degree or Honours (12+3 or equivalent) in Computer Science, Information Systems, Engineering, Telecommunications, or other related scientific or technical discipline is desired.
Experience:
3+ years’ experience in a cross-functional and interdisciplinary team. GIAC Certified Incident Handler (GCIH) or equivalent certification is mandatory.
K
nowledge and skills
:
-Th
reat Detection and Response (CSOC): Able to analyse security alerts and differentiate false
positives
.
Advanced
proficiency
in administration and configuration of SIEM, EDR and other security Platforms
.
-Infrastructure Protection:
Proficiency
in advanced
firewall
configurations and intrusion detection systems.
-Identity: Understanding of advanced IAM configurations and role-based access controls.
-Advanced understanding of enterprise IT Cybersecurity operational environment.
-Understanding of the latest security principles, techniques, and protocols.
-Clear thinking and ability to deal with escalations effectively.
-Knowledge of database and operating system security.
-Knowledge of web servers, operating systems, and network protocols.
-Excellent verbal and written communication skills.
-Ability to triage and escalate effectively.
Salary & Benefits: Join us in Dubai and enjoy an attractive tax-free salary and travel benefits that are exclusive to our industry, including discounts on flights and hotels stays around the world. You can find out more information about our employee benefits in the Working Here section of our website www.emirates.com/careers. Further information on what’s it like to live and work in our cosmopolitan home city, can be found in the Dubai Lifestyle section

Please refer the Job description for details