Level 1 Security Operations Center

CCDS is a leading provider of Information Technology and cybersecurity solutions. We are currently seeking a Saudi Level 1 Security Operations Center (SOC) Analyst to join our vibrant team. In this entry-level position, you will be responsible for supporting the daily operations of our Security Operations Center. You will monitor, analyze, and respond to security alerts and incidents to help protect our organization's critical information and technology assets. This is an excellent opportunity for those starting their career in cybersecurity.

**Responsibilities**:
A Level 1 SOC Analyst is primarily responsible for the initial triage, analysis, and escalation of security incidents. Their day-to-day tasks typically include:

- **Monitoring Security Alerts**:
- Continuously monitor security information and event management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), and other security tools for alerts and anomalies.
- Identify potential security threats and vulnerabilities based on alerts generated.
- **Initial Alert Triage and Analysis**:
- Categorize and prioritize security alerts based on severity and potential impact.
- Perform preliminary analysis of alerts to determine whether they are true positives or false positives.
- Gather initial information about security incidents, including affected systems, users, and network activity.
- **Incident Escalation**:
- Escalate confirmed security incidents to Level 2 or higher analysts, providing relevant context and information.
- Follow established incident response procedures and workflows.
- **Basic Security Event Logging and Documentation**:
- Accurately record all security events and actions taken in ticketing systems and incident logs.
- Maintain detailed and organized records of security activities.
- **Threat Intelligence Gathering**:
- Stay updated on emerging threats, vulnerabilities, and security best practices.
- Assist in gathering and correlating threat intelligence data from various sources.
- **Security Tool Maintenance**:
- Assist with the maintenance and basic operation of security tools.
- Report any issues or malfunctions with security systems.
- **Creating and Updating Documentation**:
- Contribute to the development and maintenance of security documentation, such as incident response plans and standard operating procedures.

**Requirements**:

- Saudi Nationality is mandatory.- **Technical Skills**:
- **Basic Networking Knowledge**: Understanding of TCP/IP, DNS, DHCP, routing, and switching concepts.
- **Operating System Knowledge**: Familiarity with Windows and Linux operating systems.
- **Security Tool Familiarity**: Basic knowledge of SIEM platforms, IDS/IPS, firewalls, and endpoint protection solutions.
- **Understanding of Common Attack Vectors**: Knowledge of common attack techniques, including malware, phishing, denial-of-service, and social engineering.
- **Basic Scripting (preferred)**: Basic understanding of scripting languages such as Python or PowerShell.
- **Endpoint Security**: Understanding of concepts related to endpoint protection.
- **Analytical and Problem-Solving Skills**:
- Ability to analyze and correlate security events to identify potential threats.
- Ability to quickly assess the severity of security alerts.
- Strong problem-solving abilities to resolve security incidents.
- Ability to think critically and pay attention to detail.- **Communication Skills**:
- Excellent verbal and written communication skills to document incidents and communicate findings effectively.
- Ability to clearly and concisely communicate technical information to both technical and non-technical audiences.
- Active listening skills to understand issues and take appropriate actions.
- **Other Essential Skills**:
- Ability to work effectively in a team environment.
- Ability to prioritize tasks and manage time effectively.
- Ability to work in a fast-paced and dynamic environment.
- Adaptability and a willingness to learn new technologies and security practices.
- Strong attention to detail.
- Adherence to strict confidentiality protocols.

**Required Qualifications**:
- **Educational Background**:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred).
- **Certifications (preferred)**:
- CompTIA Security+
- Certified Ethical Hacker (CEH)
- Splunk Certified Power user or any other SIEM certifications for SOC analysts.
- **Experience**:
- 1-2 years of experience working as an L1 SOC Analyst.
- Internship or co-op experience in a cybersecurity role can be beneficial.

**Work Environment**:
- Work is typically performed in a controlled office environment.
- Required to work in a rotational shift which could also include working on Fridays, Saturdays and be available on-call to respond to critical security incidents.

**Benefits**
- Private Family Health Insurance Class A
- Paid Time Off
- Training & Development Plan
- Performance Bonus
- GOSI will be covered as labor law