Description:
We are seeking a seasoned cybersecurity professional to join our Security Operations Center (SOC) as a Level 2 SOC Analyst. You will serve as the first point of advanced analysis for security events, performing deep-dive investigations and validating and containing threats. The ideal candidate has a proven track record in a 24/7 SOC environment, solid experience with SIEM/EDR/IDS and other SOC technologies, and the ability to think critically under pressure.
Responsibilities:
- Perform second-level triage and analysis of security alerts raised by L1 analysts or automated detections.
- Investigate, validate, and contain security incidents, coordinating with L3 or IR teams when necessary.
- Conduct proactive threat hunting and retrospective analysis using long-term storage (LTS) data.
- Create and tune detection rules, playbooks, and use cases to improve SOC efficacy.
- Mentor and provide technical guidance to L1 analysts, contributing to continuous knowledge transfer.
- Lead weekly service-review meetings with clients and conduct post-incident debriefs with client-side executives.
- Rotating shifts are mandatory, as per industry-standard SOC operations; you will be scheduled on a 24/7 roster (including nights, weekends, and public holidays) to ensure continuous coverage.
Required:
- Language/Nationality: Fluent English & Arabic; Saudi national (per local regulations).
- Bachelor's degree in cybersecurity, information technology, or a closely related field; a postgraduate degree is a plus.
- Apart from entry-level certifications such as CompTIA Security+, candidates must have at least one intermediate or advanced professional certification in cybersecurity, incident response, or digital forensics (include the verification code/link in your CV). Examples: GCIA, GCIH, GCFA, GNFA, OSCP, GSEC, CySA+, CCSP, Splunk Enterprise Security Admin.
- 3-4 years of hands-on experience working in a SOC or incident-response capacity.
- Hands-on experience with security technologies such as SIEM, XDR, EDR, IDS/IPS, SOAR, and threat-intelligence platforms.
- Strong understanding of network protocols and operating systems (Windows, Linux, macOS).
- Work experience with cybersecurity controls, frameworks, and guidelines such as the Cyber Kill Chain, MITRE ATT&CK, etc.
- Refined public speaking and presentation skills; able to clearly communicate technical findings to non-technical stakeholders and client-side executives.
- Proven self-motivation and commitment to continuous professional development and certification.
- Excellent analytical, problem-solving, and collaboration skills.
Strong plus to have:
- Experience developing or tuning detection content, response playbooks, automation, and SOC integrations.
- Work experience with cybersecurity controls, frameworks, and guidelines, with primary emphasis on local regulations such as NCA ECC, NCA CCC, NCA MSOC, SAMA CSF, and other regional directives, as well as international standards (e.g., NIST, ISO/IEC 27001, PCI DSS, HIPAA, etc.).
- Exposure to cloud-security monitoring (AWS, Azure, GCP) and containerized environments.
If you are passionate about defending complex environments and ready to grow in a fast-paced MSSP setting, apply today and become part of our mission to keep our customers secure.