أرسل لي وظائف مثل هذه
الجنسية
أي جنسية
جنس
غير مذكور
عدد الشواغر
1 عدد الشواغر
الوصف الوظيفي
الأدوار والمسؤوليات
About the role
We are looking for a Senior SOC Analyst to lead advanced security monitoring, investigation, and response across our cloud, endpoint, network, and edge environments. This role sits at the L2/L3 level and plays a critical part in incident escalation, detection engineering, and strengthening our overall security posture. You will also act as a mentor to junior analysts and collaborate closely with security, cloud, and engineering teams.
Key responsibilities
- Perform advanced L2/L3 alert triage and investigations across endpoint, network, cloud, and edge security platforms
- Lead investigations using SIEM tools to validate incidents, reduce noise, and determine impact
- Analyze and respond to edge security events including WAF, DDoS, bot activity, and Zero Trust alerts
- Act as an escalation point for confirmed incidents and support containment and response actions
- Conduct root cause analysis and threat investigations, identifying attacker behavior and scope of impact
- Design, tune, and maintain detection rules and logic across SIEM platforms
- Improve detection coverage by aligning rules with the MITRE ATT&CK framework
- Mentor and guide junior SOC analysts and contribute to skill development across the team
- Help build and maintain investigation playbooks and incident response runbooks
- Collaborate with SOC leadership, Cloud Security, and DevOps teams to improve security controls and visibility
What success looks like
- Security alerts are accurately triaged with reduced false positives and faster response times
- Incidents are thoroughly investigated with clear root cause analysis and actionable remediation
- Detection coverage improves continuously across cloud, endpoint, and edge environments
- Junior analysts demonstrate stronger investigation and escalation capabilities
- Cross-functional teams are supported with clear, timely security insights and recommendations
الملف الشخصي المطلوب للمرشحين
- 5+ years of experience as a SOC Analyst (L2/L3)
- Bachelor s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience
- Hands-on experience with SIEM platforms (Splunk, Graylog, or similar)
- Experience performing alert triage, incident investigation, and escalation
- Strong knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS, BGP)
- Experience analyzing AWS security logs (CloudTrail, CloudWatch, VPC Flow Logs)
- Experience with container and Kubernetes runtime security (Kubernetes, Amazon EKS)
- Hands-on experience with Cloudflare security tools (WAF, DDoS, Bot Management, Zero Trust)
- Strong understanding of IDS/IPS, firewalls, proxies, and DLP technologies
- Experience conducting root cause analysis and post-incident reviews
- Familiarity with MITRE ATT&CK framework and NIST incident response standards
- Experience developing and tuning SIEM detection rules
- Knowledge of scripting or automation (Python, PowerShell, or Bash)
- Foundational understanding of AI/ML security concepts and LLM-related risks
- Strong analytical, investigation, and incident handling skills
- Ability to communicate technical findings to non-technical stakeholders
- Relevant certifications preferred (GCIA, GCIH, CompTIA CySA+, AWS Security Specialty)
القطاع المهني للشركة
- إنترنت
- التجارة الإلكترونية
- دوتكوم
المجال الوظيفي / القسم
- سوفت وير تقنية المعلومات
الكلمات الرئيسية
- Senior SOC Analyst
تنويه: نوكري غلف هو مجرد منصة لجمع الباحثين عن عمل وأصحاب العمل معا. وينصح المتقدمون بالبحث في حسن نية صاحب العمل المحتمل بشكل مستقل. نحن لا نؤيد أي طلبات لدفع الأموال وننصح بشدة ضد تبادل المعلومات الشخصية أو المصرفية ذات الصلة. نوصي أيضا زيارة نصائح أمنية للمزيد من المعلومات. إذا كنت تشك في أي احتيال أو سوء تصرف ، راسلنا عبر البريد الإلكتروني abuse@naukrigulf.com