Senior Threat Detection Engineer - Cybersecurity

As a Senior Threat Detection Engineer at COGNNA, you’ll design high-impact detection strategies, build powerful automation, and elevate SOC operations to a world-class standard. You’ll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.

• Build high-fidelity correlation rules and behavioral detections within the COGNNA security platforms.
• Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable logic.
• Identify detection gaps and introduce new data sources to cover evolving threat landscapes.
• Automate detection testing and maintain detection quality over time.

• Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience.
• Streamline log ingestion pipelines — from parsing to normalization and enrichment.
• Build scripts and automations (Python, PowerShell) to enhance SOC efficiency.
• Integrate tools across the SOC stack to enable seamless workflows and response.

• Collaborate with intel and IR teams to enrich detection use cases and support threat hunts.
• Provide Tier-3+ support for incident investigations and post-mortem analysis.

• Mentor junior engineers, review detection logic, and provide hands‑on training.
• Improve SOC playbooks, SOPs, and detection engineering workflows.
• Stay updated on global and regional threats — and evolve detection accordingly.
• Ensure compliance alignment (e.g., NCA ECC, SAMA CSF).

• Bachelor’s in Computer Science, Cybersecurity, or related field.

• 4+ years in Threat Detection, SOC Engineering, or Advanced SecOps.
• Hands‑on expertise in developing and maintaining complex detection use cases.
• Strong understanding of attacker behavior, IR fundamentals, and digital forensics.

• SIEM : Expert in SIEM queries (SPL, KQL, Lucene), rule tuning, UEBA, and scaling.
• EDR : Deep knowledge of EDR tools and endpoint detection tactics.
• Network Security : Pro at packet analysis (Wireshark), IDS / IPS, and NetFlow.
• Scripting : Advanced skills in Python and / or PowerShell for automation and integration.
• OS Internals : Mastery of Windows / Linux / macOS logging, artifacts, and forensic value.
• Threat Intelligence : Skilled in turning threat intel into real‑time detection logic.
• Cloud Security : Strong command of monitoring IaaS / PaaS / SaaS environments.

• 🎓 SANS GIAC (GDAT, GMON, GCIA, GCTI, GCIH)
• 🐉 Offsec (OSDA)
• 🏫 INE (eCTHP, eCIR)
• 🧩 (ISC)² CISSP, CSSLP

• Exceptional analytical thinking and creative problem‑solving.
• Excellent communication (English & Arabic), including technical reporting.
• Strong mentorship abilities and a collaborative spirit.
• Self‑motivated, focused, and passionate about cyber defense.
• Capable of juggling priorities under high‑pressure situations.

🚀 Impact that Matters – Build products that shape the future of cybersecurity and protect organizations globally.

🏢 On‑Site Collaboration – Be at the heart of innovation in our Riyadh office, working side by side with passionate experts.

💡 Continuous Growth – Access to certifications, trainings, and opportunities to sharpen your expertise.

📈 Ownership Mindset – Benefit from our ESOP program and grow with COGNNA’s success.

🤝 Culture of Trust – We empower talent, encourage ownership, and celebrate real outcomes.