SOC Senior Specialist - L2

sirar by stc

Jeddah

On-site

SAR 70,000 - 100,000

Full time

14 days ago

Job summary

A leading cybersecurity provider in Saudi Arabia seeks a Security Operations Analyst to ensure team alignment with processes and support incident response. The ideal candidate has a Bachelor’s degree in a relevant field and 2-5 years of experience in cybersecurity, with proficiency in vulnerability assessment and incident management. This role is crucial for maintaining the integrity of information security practices.

Qualifications

  • 2-5 years of relevant experience required.
  • Intermediate proficiency in recognizing vulnerabilities.
  • Basic proficiency in using intrusion detection technologies.

Responsibilities

  • Ensure team alignment with processes and SLAs.
  • Support and guide Level 1 analysts.
  • Manage incident escalations and evaluate actions.
  • Analyze alerts to identify causes and vulnerabilities.

Skills

Recognizing vulnerabilities in security systems
Using intrusion detection technologies
Recognizing and categorizing types of vulnerabilities
Assessing security controls
Performing root cause analysis

Education

Bachelor’s degree in Cybersecurity, Computer Science, or related discipline

Tools

CCNA Security
CompTIA Security+
CIR
DFP
GCFE
GCIA
GMON

Job description

Company Overview:

sirar is an advanced technology and cybersecurity company established by stc, the region's ICT and digital services provider. sirar by stc is a cutting-edge cybersecurity provider that empowers organizations to take control of their cyber capabilities and digital environments, acting as experts in business security and privacy.

We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities:

  • Ensure Level 1 team members understand and operate in alignment with all relevant processes, procedures, manuals, guidelines, roles & responsibilities, policies, playbooks, and SLAs, and stay updated on any changes.
  • Support and assist Level 1 analysts in investigations and provide guidance as needed.
  • Manage the shift handover process according to predefined procedures.
  • Handle unclear or noisy events and major incidents escalated by Level 1, evaluate them, and take appropriate action.
  • Correlate information from multiple sources to understand security events and determine the effectiveness of observed attacks.
  • Analyze network alerts and malicious activity to identify causes, vulnerabilities exploited, and potential impacts.
  • Determine tactics, techniques, and procedures (TTPs) used in intrusion attempts.
  • Examine network topologies and traffic to reconstruct and understand malicious activity.
  • Isolate and remove malware as required.
  • Stay current with emerging threats, vulnerabilities, and countermeasures.
  • Develop and maintain SIEM content, including use cases, dashboards, reports, rules, and filters.
  • Build, review, update, and obtain approvals for all MSOC documentation (processes, procedures, manuals, policies, SLAs, etc.).
  • Provide onboarding requirements for new customers in coordination with the MSOC Manager.
  • Escalate monitoring or investigation obstacles (e.g., missing logs, parsing issues, system slowness) to the appropriate teams.
  • Review and validate MSOC reports (daily, weekly, monthly) before submission to stakeholders.
  • Review and escalate critical and high-severity tickets appropriately, ensuring senior/managerial approval before customer submission.
  • Respond to customer tickets and emails, escalating to senior/manager level when necessary.
  • Validate resolved tickets with customers.
  • Develop and maintain information security metrics.
  • Report suspected cyber incidents in accordance with the organization’s incident response plan.
  • Participate in handling alerts and tickets for subscribed customers.
  • Contribute to the overall success of the company by performing additional duties as assigned by the line manager.

Academic Qualification:

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related discipline.

Professional Certificate:

  • Certificate in CCNA Security / CompTIA Security+ / CTIA / CIR / DFP / GCFE / GCIA / GMON.

Skills:

  • Intermediate proficiency in recognizing vulnerabilities in security systems.
  • Basic proficiency in using intrusion detection technologies to detect host and network-based intrusions.
  • Basic proficiency in effectively recognizing and categorizing types of vulnerabilities and associated attacks.
  • Intermediate proficiency in assessing security controls based on cybersecurity principles and tenets.
  • Basic proficiency in effectively performing root cause analysis for cybersecurity issues.

Years of Experience:

  • 2-5 years of relevant experience.