We are seeking an experienced and proactive Senior SOC Engineer to join our Security Operations Center (SOC) team, located in Riyadh, Saudi Arabia. This is an on-site, full-time position.
The ideal candidate will possess deep technical expertise in managing and operating SOAR, EDR, Splunk, and other security platforms, coupled with strong scripting abilities (preferably in Python). This role requires a proactive problem-solver who can lead the resolution of major incidents, optimize SOC operations, and develop automation solutions to enhance efficiency.
Key Responsibilities:
- Manage and maintain security platforms, including SOAR, EDR, Splunk, and other security tools to ensure operational excellence.
- Lead incident response efforts, taking ownership of major security incidents and critical cases across security platforms.
- Develop, test, and implement automation scripts (preferably in Python) to enhance SOAR capabilities and streamline SOC workflows.
- Perform advanced threat detection, analysis, and remediation, ensuring effective response to potential security breaches.
- Design and implement new security use cases, playbooks, and workflows to improve threat detection and response.
- Collaborate with cross-functional teams to deploy and integrate security solutions in alignment with the organization's security strategy.
- Monitor and optimize the performance of security tools to meet the highest standards for detection and response.
- Act as an on-call resource for handling critical security incidents outside of regular working hours.
- Prepare comprehensive reports on security incidents, including root cause analysis and recommendations for continuous improvement.
- Provide mentorship and guidance to junior SOC analysts, fostering skill development and knowledge sharing.
Qualifications & Skills:
Experience:
- Minimum 8 years of experience in SOC engineering roles with hands-on expertise in SOAR, EDR, and Splunk.
- Strong incident response and threat detection expertise, with a proven track record of handling critical security events.
- Experience in cybersecurity project management, including deployment and integration of security solutions.
Technical Skills:
- Proficiency in scripting, preferably Python, for developing automation scripts and enhancing SOAR capabilities.
- Strong knowledge of security frameworks, including MITRE ATT&CK, NIST, ISO 27001, and CIS benchmarks.
- Expertise in security monitoring, log analysis, and forensic investigations using Splunk.
- Familiarity with network security, SIEM tuning, threat intelligence, and malware analysis.
Certifications:
- Mandatory: Splunk Certification (Splunk Certified Power User, Splunk Certified Admin)
- Preferred: CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional) and other relevant cybersecurity certifications.
Soft Skills:
- Strong analytical and problem-solving skills with the ability to lead major security incidents.
- Excellent verbal and written communication skills, capable of preparing detailed incident reports and presentations.
- Team-oriented mindset with the capability to mentor and guide junior team members.
- Flexibility to work outside regular hours to handle urgent security threats.
Language Requirements:
- Proficiency in English is expected. Additional language skills may be advantageous.
