Cybersecurity Analyst
Note: This position is open to local candidates who reside in Kuwait only.
Classification: Institutional Support
Reports To: Senior Executive Director of IT
Location: Saad Al Abdullah, Kuwait
Job Summary
The Cybersecurity Analyst is responsible for advanced monitoring, analysis, and response to security incidents across enterprise systems and networks. The role focuses on incident investigation, threat hunting, and vulnerability management using multiple security platforms. It supports continuous improvement of the organization’s security posture through proactive detection and response.
Key Responsibilities
- Analyze security events and alerts from multiple security platforms to assess scope, severity, and potential impact on systems, networks, and data.
- Perform Level 2 incident analysis, classification, and prioritization in accordance with established incident response and escalation procedures.
- Lead and support incident response activities, including containment, eradication, and recovery, following predefined response plans.
- Investigate root causes of security incidents such as phishing attacks, malware infections, data breaches, and unauthorized access attempts.
- Collect, preserve, and document forensic evidence; prepare clear investigation reports with remediation and prevention recommendations.
- Conduct proactive threat hunting activities to identify indicators of compromise (IOCs), anomalous behavior, and emerging threats across endpoints, networks, and applications.
- Leverage threat intelligence feeds, behavioral analytics, and the MITRE ATT&CK framework to enhance detection and response capabilities.
- Investigate phishing emails, malicious scripts, and suspicious users or network activity to identify threats and prevent recurrence.
- Develop, tune, and optimize security use cases and detection rules for DLP, email security, endpoint protection, and insider threat monitoring.
- Manage and monitor Secure Email Gateway platforms to support email threat prevention and incident response.
- Enforce access management, privilege controls, and security policies across cybersecurity tools and platforms.
- Plan and conduct regular penetration testing activities and coordinate remediation efforts with IT and application teams.
- Perform weekly vulnerability assessments on organizational applications and systems; document findings and track remediation progress.
- Investigate endpoint security alerts and take remediation actions such as quarantining devices and blocking malicious indicators.
- IT Network Support – Provide operational network support by assisting with monitoring, troubleshooting, maintenance, and escalation of network infrastructure issues to ensure stable and reliable connectivity.
- Conduct cybersecurity awareness campaigns to improve user security posture and reduce human-related risks.
- Organize and support annual cybersecurity and AI awareness events, including hands-on challenges, workshops, and guest speaker sessions.
- Maintain accurate incident documentation, tickets, and daily operational reports.
- Escalate high-severity or complex incidents to senior security staff and management.
- Collaborate with IT infrastructure, network, and application teams to support continuous security operations and risk reduction.
Skills and Competencies
- 2–3 years of hands-on experience in cybersecurity operations, SOC, or incident response roles.
- Strong experience with Barracuda Email Security for email threat detection and response.
- Hands-on knowledge of Sophos Central Phish Threat for phishing simulations and threat analysis.
- Practical experience administering and responding to incidents using SentinelOne Endpoint Protection.
- Familiarity with ESET Endpoint Security for endpoint monitoring and malware analysis.
- Experience with DLP solutions for insider threat detection and data loss prevention.
- Knowledge of Access Control systems and physical security integrations.
- Familiarity with CCTV systems and security monitoring environments.
- Understanding of incident response lifecycle, forensic fundamentals, and evidence handling.
- Experience conducting vulnerability assessments and supporting penetration testing initiatives.
- Knowledge of threat hunting methodologies, IOCs, and MITRE ATT&CK framework.
- Strong analytical and problem-solving skills with attention to detail.
- Ability to document incidents, findings, and remediation actions clearly and professionally.
- Good communication skills with the ability to collaborate across IT, security, and management teams.
- Proactive mindset with a strong commitment to continuous learning and cybersecurity best practices.
Educational Qualifications & Certifications
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Computer Engineering, or a related discipline from a recognized institution.
Industry-recognized certifications such as CompTIA Security+, Cyware Certified Orchestrate Analyst, Certified ExtraHop Network Security Specialist, and Fortinet NSE are strongly preferred.
Additional certifications in incident response, SOC operations, threat intelligence, penetration testing, or SIEM platforms, along with continuous security training, are considered a strong advantage.
About American International University
American International University (AIU) is a private institution in Kuwait, founded in 2019, offering undergraduate programs based on the American higher education model. AIU provides degree programs in Engineering, Architecture and Design, and Business Administration, with English as the language of instruction.
The University is committed to fostering intellectual, cultural, and personal growth for all members of its community, preparing graduates for leadership roles in a global society. For more information, visit: www.aiu.edu.kw