SOC Analyst

The SOC Analyst will be responsible for continuous monitoring, detection, analysis, and response to cybersecurity threats across enterprise and critical infrastructure environments. The role operates as part of the SOC function, working closely with a Managed SOC (MSOC) provider to investigate alerts, respond to incidents, and maintain a strong defensive security posture.

The position focuses on SIEM monitoring, incident handling, threat analysis, and supporting defensive security controls across IT, OT, Cloud, and Web environments, in line with Saudi cybersecurity standards.

• Monitor and analyse security alerts generated by SIEM and SOC tooling
• Triage, investigate, and accelerate security incidents in coordination with the MSOC provider
• Perform Level 2–level incident response activities, including root cause analysis
• Support detection use cases, alert tuning, and false‑positive reduction
• Monitor security events across IT, OT, Cloud, Web, and IoT environments
• Assist with vulnerability monitoring and remediation tracking
• Support IAM and PAM monitoring activities (access reviews, alert investigation)
• Maintain incident documentation and prepare bilingual (Arabic & English) technical and executive reports
• Ensure SOC activities align with NCA cybersecurity frameworks and internal policies

• 3–5 years experience in a SOC Analyst / Security Operations role
• Previous experience supporting government, semi‑government, or critical infrastructure organisations in KSA
• Strong understanding of SOC operations and incident response workflows, Defensive security principles, SIEM platforms and alert investigation
• Familiarity with: MITRE ATT&CK, NCA cybersecurity frameworks, Incident response and threat‑handling methodologies
• Strong communication and reporting skills in English