SOC Analyst

Saudi

Overview:

We are seeking a skilled and motivated SOC Analyst whose expertise bridges the gap between L1 and L2 roles. The ideal candidate will have a solid foundation in security monitoring and incident response, along with hands-on experience in advanced threat analysis and proactive security measures. Proficiency in SIEM tools (e.g., Splunk), the MITRE ATT&CK framework and the Cyber Kill Chain, and a strong understanding of vulnerability and threat management are essential.


Key Responsibilities

Monitor, analyze, and triage security alerts using SIEM tools such as Splunk to identify and assess threats.

Conduct initial investigations and provide in-depth analysis of security incidents to determine the scope and impact.

Utilize the MITRE ATT&CK framework to identify and correlate adversary tactics, techniques, and procedures (TTPs).

Perform log correlation, packet analysis, and threat detection across diverse environments.

Manage vulnerabilities by assessing their impact, prioritizing remediation, and coordinating mitigation efforts.

Develop and fine-tune detection use cases, playbooks, and incident response workflows.

Conduct proactive threat hunting using SIEM and endpoint detection tools to identify unknown threats.

Leverage the Cyber Kill Chain to enhance detection, response, and prevention strategies.

Collaborate with cross-functional teams to implement security controls and ensure best practices are followed.

Document and report on incidents, including root cause analysis and actionable recommendations for improvement.

Skills

Required Skills and Experience:

2–5 years of hands-on experience in a SOC or similar cybersecurity role.

Proficiency in using SIEM tools (preferably Splunk) for monitoring, log analysis, and incident investigation.

Strong knowledge of the MITRE ATT&CK framework and the Cyber Kill Chain.

Understanding of common attack vectors, malware, threat actors, and vulnerability management processes.

Familiarity with scripting languages (e.g., Python, PowerShell) for automating security tasks is a plus.

Strong analytical and problem-solving skills with the ability to handle complex incidents.

Knowledge of forensic tools and techniques is an advantage.


Preferred Certifications:

CompTIA Security+

Splunk Core Certified User/Power User

GIAC Certified Incident Handler (GCIH)

MITRE ATT&CK Defender (MAD)

Certified Ethical Hacker (CEH)

Post date: 26 Jumada al-awwal 1446 - Today
Publisher: Bayt