Cybersecurity Engineer – Managed XDR (mXDR)

May 17, 2026

Job Description

Company: TAT IT Technologies

Location: AE

We have an urgent requirement for a Cybersecurity Engineer – Managed XDR (mXDR) for one of our telecom clients in Dubai, UAE. The candidate will be the cybersecurity operational interface between the client and the Managed Security Operations Center.

Must:

• Experience working in a Managed Security Services (MSSP) environment

• Act as the single point of contact (SPOC) for all security operations at the client site

• Strong experience in security operations & incident response lifecycle, network security, endpoints, and identity security

• Experience in an onsite client-facing role

• Telecom domain is preferred

Role Overview

The Onsite mXDR Engineer will act as the primary cybersecurity operational interface between the client and the Managed Security Operations Center (SOC).

The role is responsible for ensuring effective monitoring, detection, response coordination, and continuous improvement of the client’s security posture.

This individual will work closely with both client stakeholders and offshore/remote SOC teams to ensure timely incident handling, use-case tuning, and alignment with business and security objectives.

Key Responsibilities

Security Monitoring & Incident Management

• Act as the single point of contact (SPOC) for all security operations at the client site

• Monitor security alerts and incidents escalated from SOC

• Perform L1/L2 triage and validation of security events

• Coordinate incident response activities with SOC, IT, and business teams

• Ensure timely closure of incidents in line with SLA commitments

Use Case & Detection Engineering

• Fine-tune SIEM/XDR detection rules based on client environment

• Support onboarding of new log sources and telemetry

• Reduce false positives and improve detection accuracy

• Assist in developing custom use cases aligned to threat scenarios

Reporting & Governance

• Prepare and present daily, weekly, and monthly security reports

• Conduct incident review meetings with stakeholders

• Track KPIs and SLAs for SOC performance

• Maintain documentation of incidents, runbooks, and processes

Stakeholder Engagement

• Interface with client IT, network, and application teams

• Provide advisory on security best practices

• Support audits, compliance requirements, and governance reviews

• Act as a trusted security advisor for operational matters

Threat Intelligence & Proactive Security

• Leverage threat intelligence feeds to identify emerging threats

• Support threat hunting activities in coordination with SOC

• Recommend improvements in security posture and controls

Continuous Improvement

• Identify gaps in detection coverage and recommend improvements

• Support automation initiatives (SOAR playbooks)

• Enhance operational maturity of SOC processes

Technical Skills

Required Skills & Experience

• Hands-on experience with:

  • SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar)

  • XDR/EDR tools (e.g., Microsoft Defender, CrowdStrike)

• Strong understanding of:

  • Security operations & incident response lifecycle

  • Log analysis and correlation

  • Network security, endpoints, and identity security

• Knowledge of:

  • MITRE ATT&CK framework

  • Threat intelligence concepts

• Basic scripting (PowerShell / Python preferred)

Experience

• 3–7 years in SOC / Security Operations / Incident Response

• Experience working in Managed Security Services (MSSP) environment preferred

• Prior experience in onsite client-facing role is highly desirable

Certifications (Good to have)

• CEH / CompTIA Security+

• Microsoft SC-200 (Sentinel / Security Operations)

• CISSP / CISM (good to have)

Soft Skills

• Strong communication and stakeholder management skills

• Ability to work in high-pressure environments

• Analytical thinking and problem-solving ability

• Customer-focused mindset

Working Model

• Full-time onsite at client location

• Coordination with offshore SOC (24×7 support model)

• Participation in incident bridge calls

Source: BeBee