Current vacancies

Discover and apply now

SOC L3

Permanent
Riyadh, SA
30.09.2024


Our Client

A well-established Cyber Security company based in Saudi Arabia is looking for a Senior SOC Analyst. This role is part of the company's Saudization initiative, so only Saudi Nationals will be considered for this position.

Key Responsibilities:

  • Advanced Incident Response:
    Lead the response to critical security incidents, leveraging QRadar SIEM and other security tools. Provide in-depth analysis and containment, and coordinate with relevant teams to remediate incidents.

  • Forensics & Malware Analysis:
    Perform deep-dive forensics and advanced malware analysis. Assess and interpret forensic evidence to identify root causes and improve defenses.

  • Threat Hunting:
    Proactively search for threats within the environment, identifying indicators of compromise (IoCs) and gaps in detection that need to be addressed.

  • Incident Escalation Point:
    Act as the final escalation point for complex security incidents escalated by L1 and L2 analysts. Provide mentorship and guidance to SOC team members to resolve incidents efficiently.

  • QRadar SIEM Optimization & Management:
    Lead the optimization, tuning, and management of the QRadar SIEM tool to ensure the accurate and effective detection of threats. Develop new use cases and detection rules to improve monitoring capabilities.

  • Security Architecture Support:
    Collaborate with IT and security teams to support the design and implementation of security architectures that enhance the overall security posture.

  • Vulnerability & Risk Management:
    Provide insights and recommendations based on vulnerability assessments, penetration tests, and risk management frameworks. Ensure the timely remediation of identified vulnerabilities.

  • SOC Process Improvement:
    Develop and refine SOC processes, playbooks, and incident response procedures. Ensure continuous improvement in detection and response mechanisms.

  • Training & Mentorship:
    Train and mentor junior SOC analysts (L1 and L2) on advanced detection techniques, incident management, and security best practices.

  • Reporting & Executive Communication:
    Prepare detailed incident reports and executive summaries, outlining root causes, actions taken, and recommendations for future mitigation. Communicate effectively with senior management during significant incidents.

Required Skills & Qualifications:

  • Experience:

    • 5+ years of experience in a SOC environment, with at least 2 years as an L3 SOC Analyst or equivalent.
    • Expert-level experience with IBM QRadar SIEM, including tuning, rule development, and threat detection.
    • Strong background in handling advanced security incidents and forensic investigations.
  • Technical Expertise:

    • In-depth knowledge of security technologies, including firewalls, IDS/IPS, endpoint protection, DLP, and vulnerability management tools.
    • Expert understanding of advanced cyber threats, including APTs, ransomware, and insider threats.
    • Strong skills in malware analysis, digital forensics, reverse engineering, and threat intelligence.
  • Certifications (required or preferred):

    • Certified Information Systems Security Professional (CISSP)
    • Certified Incident Handler (GCIH)
    • QRadar Certification (preferred)
    • Certified SOC Analyst (CSA)
    • Certified Ethical Hacker (CEH)
    • Offensive Security Certified Professional (OSCP)

Halian Group

With over 20 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers. Our resourcing and smart services help you to realize tomorrow’s potential. Discover the amazing things possible when you bring the right people and the right technologies together.
