CCDS

Level 2 Security Operations Center (SOC) Analyst

  • CCDS
  • الرياض السعودية
  • Full-time
تقدم على الوظيفة على موقع المعلن

وصف الوظيفة

CCDS is at the forefront of cybersecurity solutions, seeking a skilled Saudi Level 2 Security Operations Center (SOC) Analyst to enhance our Security Operations team. In this mid-level position, you will take charge of monitoring and responding to security incidents, performing in-depth analysis, and providing mentorship to junior analysts. This role offers an exciting opportunity to significantly contribute to the security posture of CCDS and gain exposure to advanced cybersecurity technologies and techniques.

Responsibilities

A Level 2 SOC Analyst is responsible for the detailed analysis, handling, and resolution of security incidents escalated from Level 1. They also contribute to threat hunting and improving security processes. Their day-to-day tasks typically include:

  • Advanced Security Alert Analysis:
    • Perform in-depth analysis of complex security alerts, utilizing various security tools and techniques.
    • Investigate potential security breaches and malicious activities.
    • Identify and analyze root causes of security incidents.
  • Incident Response and Handling:
    • Lead incident response activities, following established procedures and protocols.
    • Contain and remediate security incidents to minimize impact.
    • Coordinate with other teams to address security issues.
  • Threat Hunting:
    • Proactively search for threats within the organization's environment using various techniques and tools.
    • Develop and refine threat hunting methodologies.
    • Utilize threat intelligence to identify and investigate potential threats.

 

  • Malware Analysis:
    • Perform basic malware analysis to understand malware behavior and impact.
    • Utilize sandbox environments to detonate and analyze suspicious files.
  • Vulnerability Management:
    • Assist in vulnerability scanning, assessment, and remediation efforts.
    • Analyze vulnerability reports and prioritize remediation efforts.
  • Security Tool Optimization:
    • Tune and optimize security tools to improve detection accuracy and reduce false positives.
    • Contribute to the development of new security rules and signatures.
  • Documentation and Reporting:
    • Create detailed incident reports, including technical findings, timelines, and remediation actions.
    • Document incident response procedures and playbooks.
    • Present security findings and recommendations to stakeholders.
  • Mentorship and Guidance:
    • Provide guidance and mentorship to Level 1 SOC Analysts.
    • Share knowledge and expertise with other team members.
  • Security Process Improvement:
    • Identify areas for improvement in security processes and procedures.
    • Recommend and implement changes to enhance security operations.
  • Compliance:
    • Ensure adherence to relevant security policies, regulations, and compliance requirements (e.g., GDPR, HIPAA, PCI DSS).

إمتيازات الوظيفة

  • Private Family Health Insurance Class A
  • Paid Time Off
  • Training & Development Plan
  • Performance Bonus
  • GOSI will be covered as labor law.
  • Hardship allowance for working during Ramadan & Public Holidays.

متطلبات الوظيفة

Technical Skills:

          • Advanced Networking Knowledge: In-depth understanding of networking protocols, architectures, and security best practices.
          • Operating System Expertise: Strong command of Windows and Linux operating systems, including command line interfaces.
          • Advanced Security Tool Proficiency: Mastery of SIEM platforms, IDS/IPS, firewalls, endpoint detection and response (EDR), vulnerability scanners, and other security technologies.
          • Advanced Log Analysis: Expertise in analyzing logs from various sources, identifying anomalies, and correlating events.
          • Deep Understanding of Attack Vectors: Comprehensive knowledge of advanced attack techniques, including APTs, zero-day exploits, and advanced persistent malware.
          • Scripting and Automation Skills: Proficiency in scripting languages such as Python or PowerShell to automate security tasks.
          • Malware Analysis Skills: Basic malware analysis skills including using sandbox environments and static/dynamic analysis.
          • Cloud Security Knowledge (Preferred): Familiarity with cloud security concepts and technologies for AWS, Azure, or GCP.
        • Analytical and Problem-Solving Skills:
          • Ability to perform in-depth analysis of complex security incidents and identify root causes.
          • Strong problem-solving and critical-thinking abilities.
          • Ability to identify patterns and trends in security data.
          • Ability to think strategically and develop effective security solutions.
        • Communication Skills:
          • Excellent verbal and written communication skills to document incidents, present findings, and communicate complex security concepts to technical and non-technical audiences.
          • Ability to communicate effectively with diverse audiences, including technical teams, management, and external stakeholders.
        • Other Essential Skills:
          • Ability to lead incident response efforts and work effectively under pressure.
          • Strong organizational and time management skills.
          • Ability to work independently and as part of a team.
          • Ability to adapt to rapidly changing security landscape.
          • Strong attention to detail.
          • Adherence to strict confidentiality protocols.

Required Qualifications:

        • Educational Background:
          • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (preferred).
        • Certifications (Preferred):
          • CompTIA Security+
          • CompTIA CySA+
          • eCIR (elearn security certified Incident Handler)
          • eCTHP (elearn security Certified Threat Hunting Professional)
          • Certified Ethical Hacker (CEH)
          • Splunk Certified Power user or any other SIEM certifications for SOC analysts.
        • Experience:
          • 2-3 years of experience working in a SOC.
          • Atleast 1-2 years of experience as a Level 2 SOC Analyst (or equivalent role).
          • Experience working with various security tools and technologies.

Certifications (Preferred):

      • CompTIA Cybersecurity Analyst (CySA+)
      • Certified Information Systems Security Professional (CISSP)
      • GIAC Certified Incident Handler (GCIH)
    • Experience:
      • 3-5 years of experience as a SOC Analyst or similar cybersecurity role.
      • Hands-on experience with security incident management and incident response workflows.

Work Environment:

    • Work is primarily carried out in an office environment.
    • Must be willing to work in a rotational shift schedule and be available on-call for emergency incidents.

  • Saudi Nationality is mandatory.

وظائف مشابهة

ملخص الوظيفة
  • موقع الوظيفة
    الرياض السعودية
  • طبيعة الوظيفة
    Full-time
  • تاريخ النشر
    منذ 3 أسابيع

شارك
© 2025 Dwamk. All Rights Reserved.

Version: 1.1.1

سياسة الخصوصية