Our client is seeking a skilled Security Analyst to support Managed Detection & Response (MDR) operations by monitoring, detecting, investigating, and responding to cybersecurity threats across enterprise environments. The ideal candidate will have strong SOC experience, hands-on threat investigation skills, and the ability to operate within a 24/7 MDR service model.
Key Responsibilities
- Monitor, analyze, and investigate security alerts as part of MDR services.
- Provide continuous threat monitoring, triage, and escalation in line with MDR operational procedures and SLAs.
- Investigate advanced threats such as lateral movement, command-and-control activity, data exfiltration, insider threats, and compromised identities.
- Correlate alerts and telemetry from multiple security platforms including SIEM, EDR/XDR, network, and cloud security tools.
- Perform incident response activities including containment recommendations, remediation guidance, and root cause analysis.
- Reduce false positives through alert tuning and detection optimization.
- Document incidents, response actions, and lessons learned in case management systems.
- Prepare detailed incident reports, executive summaries, and security metrics for stakeholders and customers.
- Collaborate with SOC, engineering, and IT teams to ensure timely threat resolution.
- Support continuous improvement of MDR use cases, playbooks, and response workflows.
Required Qualifications
- Saudi National.
- Minimum 3 years of experience in SOC, MDR, or Security Operations roles.
- Strong understanding of:
  - MDR service delivery models and SOC operations
  - Network protocols and traffic analysis (TCP/IP, DNS, HTTP/S, SMB)
  - MITRE ATT&CK framework
  - Incident detection, investigation, and response lifecycle
- Hands-on experience with SIEM platforms.
- Familiarity with EDR/XDR solutions and network security controls (firewalls, IDS/IPS).
- Strong analytical, documentation, and communication skills.
- Proficiency in English and Arabic.
Preferred Qualifications
- Experience in customer-facing MDR environments.
- Security certifications such as Security+, CEH, CySA+, GCIH, or GCIA.
- Experience monitoring cloud environments (AWS, Azure, GCP).
- Knowledge of scripting or automation (Python, PowerShell).
- Experience working in 24/7 or shift-based SOC/MDR operations.