L3 Senior Security Analyst (Saudi National only)

Specialized Technical Services

Saudi Arabia

On-site

USD 40,000 - 70,000

Full time

16 days ago

Job summary

Join a leading technical services company as a Security Analyst, focusing on SIEM systems and threat response. You will integrate and manage security systems, investigate complex threats, and mentor team members. This role demands expertise in security analysis and incident management, contributing to strategic security initiatives and operational excellence.

Qualifications

  • Experience with SIEM systems and content management.
  • Proven ability to conduct complex security investigations.
  • Strong understanding of advanced persistent threats and incident response.

Responsibilities

  • Manage and configure SIEM systems, developing content aligned with business needs.
  • Conduct breach analyses and investigate high-severity security incidents.
  • Collaborate with partners to develop correlation rules and refine security processes.

Skills

SIEM Management
Threat Hunting
Incident Response
Security Analysis
Breach Analysis

Job description

Our Culture:


At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging environment centered around collaboration and innovation. If you are looking for a role where you can foster engagement and excellence across teams through commitment and teamwork, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.


Our Code of Conduct:


We strictly adhere to our code of conduct, which serves as a moral compass, guiding responsible behaviour and ethical decision-making to foster positive relationships and a better future. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence worldwide.


All employees review, understand, and adhere to this code annually, and all new hires do so as part of onboarding.


Duties and Responsibilities:


  1. Manage, configure, test, and integrate SIEM systems, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
  2. Develop and deploy new SIEM content (use-cases) aligned with business needs or emergency threat responses, in collaboration with engineering teams.
  3. Conduct multi-step breach and investigative analyses to trace activities related to advanced threats.
  4. Investigate and escalate complex or high-severity security threats or incidents.
  5. Serve as an escalation resource and mentor for other analysts.
  6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
  7. Maintain expertise in advanced persistent threats, tools, techniques, procedures (TTPs), forensics, and incident response practices.
  8. Perform threat hunting to identify emerging threat activities across internal and external sources.
  9. Coordinate evidence/data gathering, documentation, and review security incident reports.
  10. Assist in defining and driving strategic security initiatives.
  11. Develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
  12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
  13. Create operational and executive reports.
  14. Analyze security events to verify incidents, assessing potential impact and risk.
  15. Prepare incident analysis reports to initiate response, engaging relevant teams or resources.
  16. Support log integration activities and work to reduce false positives.
  17. Assist during incident containment, investigation, eradication, and recovery phases.
  18. Provide data support for SOC reports and metrics.
  19. Monitor for false positives and work with engineering to resolve them.
  20. Analyze recurring incidents and system performance, implementing corrective actions.
  21. Document and update playbooks and procedures regularly.