SOC Analyst

Full time on site
SOC Analyst
Job Description

Date Posted: 14 July, 2026 Industry: IT Services and IT Consulting Location: VAPORVM IT SERVICES DMCC

Job Description:

Job Summary

We are seeking a highly skilled Senior SOC Analyst (L2/L3) to join our Cybersecurity Operations team in Saudi Arabia. The ideal candidate will have strong experience in Security Operations Center (SOC) activities, incident response, threat hunting, SIEM administration, endpoint security, and cloud security monitoring. The candidate will be responsible for detecting, analyzing, investigating, and responding to cybersecurity threats while continuously improving the organization’s detection and response capabilities.

Key Responsibilities

  • Monitor, analyze, and investigate security alerts generated by SIEM, EDR/XDR, IDS/IPS, firewalls, WAF, email security, and other security platforms.
  • Perform incident triage, investigation, containment, eradication, recovery, and post-incident activities.
  • Conduct proactive threat hunting using Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and threat intelligence feeds.
  • Investigate malware infections, phishing attacks, ransomware incidents, insider threats, and advanced cyber attacks.
  • Analyze suspicious endpoint, network, authentication, cloud, and application activities.
  • Develop, customize, and maintain SIEM use cases, detection rules, correlation logic, dashboards, and reports.
  • Fine-tune security monitoring rules to minimize false positives and improve detection accuracy.
  • Perform log analysis across Windows, Linux, Active Directory, Microsoft 365, Azure, cloud platforms, applications, and network devices.
  • Collaborate with infrastructure, networking, cloud, and application teams during security incidents.
  • Prepare incident reports, Root Cause Analysis (RCA), executive summaries, and recommendations.
  • Participate in vulnerability assessment validation and remediation verification.
  • Assist in developing SOC playbooks, runbooks, automation workflows, and Standard Operating Procedures (SOPs).
  • Support digital forensics, evidence collection, and incident investigations when required.
  • Mentor junior SOC analysts and provide technical guidance during incident response activities.
  • Participate in 24×7 SOC operations, on-call support, and shift rotations as required.

Required Technical Skills

Security Monitoring \& SIEM

  • Microsoft Sentinel
  • IBM QRadar
  • Splunk Enterprise Security
  • LogRhythm
  • ArcSight

Endpoint Detection \& Response (EDR/XDR)

  • Microsoft Defender for Endpoint
  • CrowdStrike Falcon
  • SentinelOne
  • Cortex XDR

Operating Systems \& Identity Security

  • Windows Server
  • Linux
  • Active Directory
  • Microsoft Entra ID (Azure AD)
  • Microsoft 365 Security

Network Security

  • Firewalls
  • VPN
  • IDS/IPS
  • Web Application Firewall (WAF)
  • Proxy Solutions
  • Email Security Gateways

Threat Detection \& Incident Response

  • Threat Hunting
  • IOC/IOA Analysis
  • Malware Analysis
  • Phishing Investigation
  • Ransomware Response
  • Digital Forensics
  • Incident Response

Frameworks \& Standards

  • MITRE ATT\&CK Framework
  • Cyber Kill Chain
  • NIST Cybersecurity Framework

Vulnerability Management

  • Tenable
  • Qualys
  • Rapid7

Cloud Security

  • Microsoft Azure
  • Amazon Web Services (AWS)
  • Google Cloud Platform (GCP)

Automation \& Scripting

  • SOAR Platforms
  • PowerShell
  • Python
  • Bash

Networking

  • TCP/IP
  • DNS
  • HTTP/HTTPS
  • SMTP
  • DHCP
  • VPN Technologies

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
  • 5–8 years of hands-on experience in a Security Operations Center (SOC) environment.
  • Strong analytical, troubleshooting, and incident response skills.
  • Experience working in enterprise or MSSP environments.
  • Excellent communication, documentation, and reporting skills.

Preferred Certifications

  • Microsoft Certified: Security Operations Analyst (SC-200)
  • CompTIA CySA+
  • CompTIA Security+
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Ethical Hacker (CEH)
  • Splunk Certified Power User/Admin
  • Microsoft Sentinel Certification
  • IBM QRadar Certification
  • CrowdStrike Certified Falcon Administrator
  • Cisco CyberOps Associate
  • ISC² Certified Information Systems Security Professional (CISSP) (Preferred)
Share this job:
ES Assistant Online
Hello! I am your AI career assistant. How can I help you today?