Information Security And IT Support Specialist

Company Overview

Since 1992, Big Ticket LLC has been offering huge cash prizes and dream cars, creating unforgettable experiences for our customers. Our monthly guaranteed draws give participants the chance to win massive cash prizes, luxury cars, and more, with millions of dirhams awarded to lucky winners every month.

At Big Ticket, we’re more than just a raffle; we create moments of hope, joy, and excitement for people around the world. With a mission to turn dreams into reality through exciting games and entertainment and make every draw an event to remember.

Purpose and Objectives for the Role

This role combines frontline IT support responsibilities with end-user cybersecurity and security operations duties. It plays a key role in maintaining secure digital workplace operations, ensuring compliance, and supporting proactive risk identification and incident response across the organisation. The position will liaise with Group Information Security and third-party security vendors to maintain and elevate our security posture.

Overall Responsibilities

IT Support & End-User Security

• Provide day-to-day IT support to end users (Windows/macOS, Microsoft Office, email, endpoint security tools).
• Maintain secure configurations across end-user devices and core infrastructure.
• Manage and maintain IT asset inventory and software records (IT Asset Management).
• Troubleshoot and escalate technical issues in collaboration with the IT Manager.
  
  

• Support internal/external audits with system configurations and compliance documentation.
• Implement and monitor adherence to security and data protection policies.
• Embed security practices in daily operations across departments, especially where sensitive data is handled.
  
  

• Coordinate vulnerability scans and risk assessments with vendors and internal teams.
• Track, analyse, and report remediation progress on identified vulnerabilities.
• Provide visibility into risk exposure through structured reporting.
  
  

• Act as liaison with outsourced SOC provider to align on alerts, investigations, and incident response.
• Triage and escalate incidents; support use case development (MITRE ATT&CK framework).
• Contribute to creation and refinement of monitoring playbooks and operational workflows.
  
  

• Investigate and respond to security incidents in coordination with SOC and internal teams.
• Ensure timely documentation of incidents, outcomes, and response actions.
• Perform phishing analysis and enhance staff awareness initiatives.
  
  

• Work with Group Information Security to align tools, controls, and response processes.
• Support enterprise-wide deployments of security tools and awareness campaigns.
• Escalate critical risks and contribute to coordinated incident response.
  
  

• Endpoint Detection & Response (EDR): Microsoft Defender, CrowdStrike
• Security Information and Event Management (SIEM): Microsoft Sentinel, Splunk, IBM QRadar
• Secure Access Service Edge (SASE): Zscaler, Netskope
• Microsoft 365, Intune, Entra ID (Azure AD), Office 365
• Hands-on experience with Windows/macOS/iOS and mobile device management (Jamf, Intune)
• Proven skills in security incident investigation, system troubleshooting, and playbook creation
  
  

• Stakeholder Collaboration: Works effectively with GRC, IT, Architecture, and outsourced providers.
• Strategic Thinking: Balances business needs with security best practices.
• Communication: Clearly communicates complex technical issues to technical and non-technical stakeholders.
  
  

• Familiarity with physical security coordination (access control, CCTV, pass management).
• Able to support onboarding/offboarding physical access processes as needed.
  
  

• Bachelor's degree in IT, Cybersecurity, or a related field (or equivalent hands-on experience).
• Preferred certifications:
• Microsoft Certified: Azure Security Engineer Associate
• Microsoft SC-200 (Security Operations Analyst)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Familiarity with standards and frameworks (ISO 27001, NIST, MITRE ATT&CK, UAE PDPL).
• Experience in Information Security, Security Operations, or Cloud Security within regulated environments.