L3 Senior Security Analyst (Saudi National only)

Our Culture:

At Hulool Zaintech for Information Technology, we pride ourselves on our culture, which drives everything we do. We seek individuals who share our values and wish to be part of a collaborative and innovative environment. If you are committed to driving engagement and excellence through teamwork, customer-centricity, and integrity, consider joining the Hulool Zaintech family.

Our Code of Conduct:

We adhere strictly to our code of conduct, serving as a moral compass to guide responsible behavior and ethical decision-making. It outlines policies and standards for our global operations, fostering integrity and ethical excellence. All employees review and adhere to this code annually, with new hires doing so during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate SIEM systems, focusing on content development such as reports, dashboards, rules, filters, and channels.
2. Develop and deploy new SIEM content (use-cases) based on business needs or threat requirements, in collaboration with the engineering team.
3. Conduct breach analysis and investigative activities to trace advanced threats.
4. Investigate and escalate complex or high-severity security incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security teams to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Engage in threat hunting to identify emerging threats across internal and external sources.
9. Coordinate evidence collection, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and update SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Generate operational and executive security reports.
14. Analyze security events to verify incidents, assessing their impact and risk.
15. Prepare incident analysis reports and coordinate response efforts.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Contribute data for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring platforms and related technologies.
• Strong analytical and problem-solving skills.
• Advanced knowledge of SIEM/SOAR tools for event investigation.
• Understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.