Skip to content

General information

Name
Principal Content Engineer

Description & Requirements

Job Purpose

At Emirates, we believe in connecting the world to and through our global hub in Dubai and in constantly innovating to ensure our customers ‘Fly Better’. Emirates Group IT thrives on the dynamic nature of technology. Being pioneers in aviation innovation, we're always at the forefront, pushing boundaries. We're on the lookout for exceptional IT professionals to fortify our position as leaders in the industry. Embark on a journey with the world’s largest international airline and become a vital part of our cutting-edge information and technology team as Principal Content Engineer.


Join our CyberSecurity team where we ensure a world class CyberSecurity organisation based on the key principles of People, Process and Technology underpinned with executive endorsement of a multi-year strategy to continuously improve and develop. The team protects our digital assets by monitoring for threats, responding to incidents, managing vulnerabilities, and ensuring compliance with security policies and regulations. If you are passionate about CyberSecurity, we invite you to apply to play a crucial role in shaping the future of our technology initiatives at Emirates Group.


As a Principal Content Engineer, you will lead the design and development of the organisations threat detection and response capabilities. This role spans the full security engineering lifecycle - from platform design, data structuring, and threat modelling, to detection engineering, automation engineering, and recovery. Working across hybrid environments and multiple security platforms, the role contributes to ensuring threats are proactively identified, contained, and eradicated. By aligning with industry-standard frameworks, the role supports the creation of a resilient and adaptive defence ecosystem that safeguards business continuity.


 In this role you will: 

  • Design, implement, and optimize multiple SIEM and EDR/NDR platforms across on-premise, cloud, and hybrid infrastructures. Ensure cohesive data flows, normalisation, parsing, and enrichment for consistent, high-fidelity threat detection.
  • Guide the architecture of scalable telemetry pipelines, including endpoint, network, cloud, identity, and third-party integrations. Oversee sensor tuning and enrichment to maintain data integrity, quality, and performance across varied environments.
  • Design, develop, and maintain automation workflows that can take rapid, controlled actions to contain threats, prevent lateral movement, and preserve operational integrity.
  • Provide direction and mentorship to engineers, fostering cross-functional alignment with response, intelligence, and infrastructure teams to ensure detection content remains effective and relevant.
  • Structure the organisations ability to detect and respond to a cyber attack by analyzing telemetry coverage, modelling threat paths, and identifying gaps to prioritise strategic improvements.
  • Engineer and maintain decoy-based strategies and controlled response delays to misdirect attackers, collect intelligence, and delay adversarial progress during active threats


Qualification

To be considered for the role, you must meet the below requirements:

  • Degree or Honours (12+3 or equivalent) in computer science, information technology, content management.
  • 5+ Years of experience focused on threat detection and response engineering, SIEM/EDR design and development, and security automation.
     Experience working in cross-functional and interdisciplinary teams to solve complex problems.
  • Expertise in SIEM platforms (Splunk, Sentinel, QRadar) and EDR tools (CrowdStrike, Defender for Endpoint).
  • Deep understanding of log sources across cloud, network, endpoint, and identity layers.
  • Ability to evaluate threat actors based on motivation and common TTPs, threat modelling and engineering new tools to counter rapidly evolving cyber threats.
  • Strong scripting capabilities (Python, PowerShell) and understanding of log source parsing and data normalisation.
  • Familiarity with detection frameworks (MITRE ATT&CK, D3FEND) and threat modelling.
  • Demonstrate strong risk management skills to prioritise and evolve response engineering in line with emerging threats.
  • Hands-on experience with SOAR / Hyper Automation platforms and automation of threat response.
  • Experience in gathering a predictive understanding of adversarial strategies, priorities, and overlapping interests.


Leadership Role:  YES



Salary & Benefits


Join us in a management role and enjoy an attractive tax-free salary. On top of our generous travel benefits, including discounted flights and hotel stays around the world, this managerial role also has an excellent leave and healthcare package. That’s on top of transport benefits, life insurance and more. Find out what it’s like to live and work in our fast-paced, cosmopolitan home city in the Dubai Lifestyle section of our website www.emirates.com/careers