Security Operations Center

CCDS is at the forefront of providing innovative cybersecurity solutions and is seeking a skilled and experienced Saudi Security Operations Center (SOC) Team Lead to join our dynamic team. As the SOC Team Lead, you will oversee the daily operations of the Security Operations Center, ensuring that our cybersecurity protocols are effectively implemented. You will play a critical role in managing a team of SOC analysts and in responding to security incidents, while driving improvements in processes, and ensuring compliance with the organization's security standards.

Responsibilities

The SOC Team Lead is responsible for overseeing the daily operations of the SOC team, ensuring efficient incident handling, and fostering a culture of continuous improvement. Their responsibilities typically include:

• Team Leadership and Management:
  • Manage and supervise a team of Level 1 and Level 2 SOC Analysts
  • Provide leadership, mentorship, and coaching to team members
  • Conduct performance evaluations and identify training needs
  • Ensure adequate staffing and resource allocation
• Incident Response Management:
  • Oversee incident response activities, ensuring efficient and effective containment and remediation
  • Review and approve incident reports and documentation
  • Develop and maintain incident response playbooks and procedures
  • Act as a point of escalation for complex or critical security incidents
• Security Monitoring and Analysis:
  • Ensure continuous monitoring of security alerts and events
  • Monitor the team's effectiveness in detecting, analyzing, and responding to security threats
  • Identify and address gaps in security monitoring capabilities
• Threat Intelligence and Hunting:
  • Promote and facilitate proactive threat hunting activities
  • Leverage threat intelligence to identify emerging threats and vulnerabilities
  • Ensure threat intelligence is effectively used by the SOC team
• Security Tool Management and Optimization:
  • Oversee the effective use of security tools, ensuring they are configured correctly and optimized for maximum efficiency
  • Evaluate new security technologies and make recommendations for improvements
  • Collaborate with other IT teams to integrate security tools and processes
• Process Improvement and Automation:
  • Identify areas for improvement in SOC processes and workflows
  • Recommend and implement process changes to enhance efficiency and effectiveness
  • Drive the automation of security tasks to reduce manual efforts and improve response times
• Reporting and Communication:
  • Provide regular reports to management on SOC activities, incident metrics, and trends
  • Communicate security incidents and findings effectively to stakeholders
  • Participate in security briefings and presentations
• Compliance and Regulatory Adherence:
  • Ensure the SOC team's adherence to all relevant security policies, regulations, and compliance requirements
  • Participate in security audits and compliance assessments
• Knowledge Sharing and Training:
  • Facilitate knowledge sharing and collaboration among SOC team members
  • Develop and implement training programs to enhance team skills and expertise
    
    

• Saudi Nationality is mandatory
• Technical Skills:
  • Expertise in Cybersecurity: Comprehensive understanding of cybersecurity concepts, principles, and best practices
  • Advanced Networking Knowledge: Deep understanding of network protocols, architectures, and security controls
  • Security Tool Proficiency: Mastery of SIEM platforms, IDS/IPS, firewalls, EDR, vulnerability scanners, and other security technologies
  • Incident Response Expertise: Strong knowledge of incident response methodologies and techniques
  • Threat Hunting and Analysis: Proven ability to conduct threat hunting and analysis activities
  • Cloud Security Knowledge (Preferred): Familiarity with cloud security concepts and technologies for AWS, Azure, or GCP
• Leadership and Management Skills:
  • Proven ability to lead, mentor, and motivate a team of security professionals
  • Excellent delegation, planning, and organizational skills
  • Strong performance management and evaluation skills
  • Ability to create a positive and productive team environment
• Analytical and Problem-Solving Skills:
  • Ability to analyze complex security issues and develop effective solutions
  • Strong critical-thinking and problem-solving abilities
  • Ability to identify patterns, trends, and anomalies in security data
  • Strategic thinking and planning skills
• Communication and Interpersonal Skills:
  • Excellent verbal and written communication skills
  • Ability to communicate complex technical information to both technical and non-technical audiences
  • Strong interpersonal and relationship-building skills
  • Active listening and conflict resolution skills
• Other Essential Skills:
  • Strong project management skills
  • Ability to manage multiple priorities and meet deadlines
  • Adaptability and a willingness to learn new technologies and security practices
  • Adherence to strict confidentiality protocols
  • Ethical and professional conduct
• Required Qualifications:
  • Educational Background:
    • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred)
    • Master's degree in a relevant field (beneficial)
• Certifications (Preferred):
  • CEH
  • eCIR (elearn security Certified Incident Responder)
  • eCTHP (elearn security Certified Threat Hunting Professional)
  • Admin certifications of popular SIEM tools like Splunk, Qradar, LogRhythm etc
  • Certified Information Systems Security Professional (CISSP)
• Experience:
  • 5+ years of experience in IT or a security-related field of which 3+ years of experience as a Level 3 SOC Analyst or Team Lead
  • Demonstrated leadership and team management experience
  • Experience working with various security tools and technologies
  • Proven experience in incident response, threat hunting, and vulnerability management
• Work Environment:
  • Work is typically performed in a controlled office environment
  • May be required to work occasional evening or weekend hours or be available on-call to respond to critical security incidents

• Private Family Health Insurance Class A
• Paid Time Off
• Training & Development Plan
• Performance Bonus
• GOSI will be covered as labor law
• Hardship allowance for working during Ramadan & Public Holidays

• Mid-Senior level

• Full-time

• IT Services and IT Consulting