SOC Analyst

Overview

We are hiring a SOC Analyst (L2) to handle advanced monitoring, incident investigation, response coordination, and automation within a 24/7 Security Operations Center, in full compliance with National Cybersecurity Authority (NCA) regulations.

Must be based in Jeddah or willing to relocate

Mandatory Requirements (Audit-Critical)

• Valid NCA Category A Certificate (minimum 3 years)
• Compliance with Saudi Cybersecurity Workforce Framework (SCyWF)
• Verifiable certifications
• Willingness to work 24/7 shifts (nights, weekends, holidays)
• Adherence to NCA regulations (ECC, Incident Management, Workforce Controls)

Note: Non-compliance leads to disqualification.

Key Responsibilities

1. Incident Handling

Investigate medium–high severity incidents

Perform root cause & impact analysis

Correlate logs across SIEM, EDR/XDR, and network tools

Lead containment, eradication, and recovery

2. Detection & Automation

Develop and tune detection rules

Reduce false positives

Support SOAR automation and playbooks

Improve SOC processes

3. Documentation & Compliance

Maintain audit-ready documentation (evidence, timelines, RCA, remediation)

Support NCA audits and regulatory reviews

4. Team Support

Guide L1 analysts

Validate escalations and severity levels

Support knowledge sharing

5. Reporting

Prepare SOC reports (KPIs, SLA, trends)

Present findings to stakeholders

Participate in incident reviews

Technical Requirements

• SIEM: Microsoft Sentinel, Splunk, IBM QRadar, Elastic
• SOAR: Playbooks, automation, workflow optimization
• EDR/XDR investigation
• Network security tools (Firewall, IDS/IPS)
• MITRE ATT&CK knowledge
• Log analysis (Windows, Linux, Cloud, Network)
• Automation & alert tuning
• Exposure to AI-driven security tools (plus)

Qualifications & Experience

• Bachelor’s in Cybersecurity / IT / Computer Science
• 3–5 years SOC experience
• Experience handling high-severity incidents
• Strong analytical and documentation skills