SOC L2

Posted Date- about 3 hours ago- Location- Saudi Arabia- Discipline- Information Technology- Job Reference- 31809- Salary- 0.0**Job Title: Senior Security Analyst L2**

**Location**:Riyadh, KSA
**Role Type**:Permanent

**Job description**
**Responsibilities**
- Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
- Correlate and analyze events using SIEM tools to detect security incidents.
- Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
- Respond in a timely manner (within documented SLA) to support, investigate, and other cases.
- Document actions in cases to effectively communicate information internally and to customers.
- Resolve problems independently and understand escalation procedure.
- Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
- Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
- Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.
- Perform other essential duties as assigned.
- Analysis of log files, includes forensic analysis of system resource access.
- Create, follow and present customer reports to ensure quality, accuracy, and value to clients.
- Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.
- Education and training of other analysts in use and operation of SIEM platform.
- On-site work with clients as required.
- Engage with client Incident Response team as required.
- Generate cybersecurity Threat Intelligence reports.

**Qualifications**
- 5+ years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
- Bachelor’s/Master’s Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
- An active interest and passion in cybersecurity, incident detection, network, and systems security.
- A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
- Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
- Experience in using Splunk as an analyst for Threat and Incident Detection is required.
- Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.
- Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
- Solid understanding of TCP/IP and network concepts and principles.
- Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.
- Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE etc.).
- An experienced Analyst who aspires to be a leader, and is committed to learning the principles of leadership and the role of a leader.
- Outstanding organizational skills.
- Exclusive focus and vast experience in IT.
- Very good communication skills.
- Strong analytical and problem-solving skills.
- A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
- Strong written and verbal skills.
- Strong interpersonal skills with the ability to collaborate well with others.
- Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.
- Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.
- Experience with automation tools (SOAR) is preferred.
- Experience in Malware Analysis / Reverse Engineering is preferred.