Google Cloud MENA
Principal Intelligence Analyst
- Permanent
- Dubai, United Arab Emirates
- Experience 5 - 10 yrs
Job expiry date: 04/06/2026
Job overview
Date posted
20/04/2026
Location
Dubai, United Arab Emirates
Salary
AED 20,000 - 30,000 per month
Compensation
Job description
The Principal Intelligence Analyst role within Mandiant Intelligence at Google Cloud focuses on advanced cyber threat intelligence operations supporting the Advanced Intelligence Access (AIA) program in the United Arab Emirates, with onsite client-facing engagement in Dubai. The role involves delivering actionable intelligence derived from Mandiantās extensive threat intelligence datasets, including raw intelligence data, to enterprise customers in order to support security decision-making and operational response. The analyst is responsible for evaluating and applying tools, methodologies, and best practices to track advanced cyber threats, adversary behaviors, tactics, techniques, and procedures (TTPs), and evolving attacker motivations and trends. The role requires conducting strategic, tactical, and operational research and analysis of cyber adversaries, including advanced persistent threat (APT) groups, and correlating intelligence across multiple sources to build structured and actionable threat assessments. The position includes supporting incident response activities and cybersecurity investigations within enterprise environments, leveraging SOC workflows, intrusion detection systems, endpoint detection and response solutions, SIEM platforms, and security orchestration automation and response systems. The analyst works closely with customers to identify intelligence requirements, tailor intelligence outputs to operational needs, and deliver briefings and reports to executive leadership, security teams, and technical analysts. The role also involves contributing to threat detection and response optimization, improving SOC workflows, and enabling detection engineering initiatives. The position requires strong communication skills in Arabic and English to engage directly with local stakeholders, government entities, and enterprise clients. It is a highly investigative and analytical role focused on transforming cyber threat data into structured intelligence products that support defensive cybersecurity operations and strategic security planning.
Required skills
Key responsibilities
- Perform strategic, tactical, and operational analysis of cyber threats, including adversary behaviors, motivations, and evolving attack methodologies.
- Evaluate cybersecurity tools, frameworks, and best practices for tracking threat actor TTPs and identifying emerging threat trends.
- Correlate multi-source intelligence data to develop structured assessments of advanced persistent threat (APT) activity and cyber campaigns.
- Conduct or support incident response investigations within enterprise environments, including forensic analysis and security event correlation.
- Work with SOC environments using SIEM, EDR, NIDS, and SOAR platforms to support threat detection, monitoring, and response workflows.
- Engage directly with customers to define intelligence requirements and deliver tailored intelligence briefings and analytical reports.
- Present technical and strategic intelligence findings to executive leadership, security teams, and technical stakeholders in clear and actionable formats.
- Support SOC optimization, detection engineering initiatives, and threat hunting activities to improve organizational cybersecurity posture.
- Collaborate with Mandiant intelligence teams to enhance threat tracking, intelligence enrichment, and adversary profiling capabilities.
Experience & skills
- Bachelorās degree or equivalent practical experience in cybersecurity or related field.
- Minimum 5 years of experience in customer-facing cybersecurity investigative roles such as threat intelligence or network forensics.
- Experience in cyber threat intelligence analysis including tracking adversary TTPs and advanced persistent threats.
- Experience working with SOC operations, SIEM systems, endpoint detection and response, and intrusion detection technologies.
- Experience conducting or supporting incident response and cybersecurity investigations in enterprise environments.
- Strong project management experience in cybersecurity or intelligence-driven environments.
- Ability to communicate and present effectively to both technical stakeholders and executive leadership.
- Fluency in Arabic required for customer-facing engagements and stakeholder communication.
- Experience working with cyber threat intelligence platforms and integrating intelligence into operational security workflows.