55 Defense Analyst jobs in Saudi Arabia

Cybersecurity Defense Analyst

Riyadh, Riyadh Help AG

Posted 11 days ago

Job Description

Help AG is looking for a talented and enthusiastic Cybersecurity Defense Analyst to join our Cybersecurity Operations Center (CSOC) team as part of our Managed Security Services (MSS) business unit. If you have strong knowledge and interest in Cybersecurity, this position might be the right one for you. The Senior Cybersecurity Defense Analyst will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches. The candidate is also expected to be up to date with Cybersecurity intelligence and threat landscape.


Responsibilities
  • Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
  • Correlate and analyze events using SIEM tools to detect security incidents.
  • Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Respond in a timely manner (within documented SLA) to support, investigate, and other cases.
  • Document actions in cases to effectively communicate information internally and to customers.
  • Resolve problems independently and understand escalation procedure.
  • Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
  • Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
  • Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.
  • Perform other essential duties as assigned.
  • Analysis of log files, includes forensic analysis of system resource access.
  • Create, follow and present customer reports to ensure quality, accuracy, and value to clients.
  • Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.
  • Education and training of other analysts in use and operation of SIEM platform.
  • On-site work with clients as required.
  • Engage with client Incident Response team as required.
  • Generate cybersecurity Threat Intelligence reports.
Qualifications and Skills
  • Saudi National will be preferable.
  • Bachelor’s or master’s degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
  • An active interest and passion in cybersecurity, incident detection, network, and systems security.
  • 1 - 5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
  • A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
  • Demonstrable experience of analyzing and interpreting system, security, and application logs. Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
  • Experience in using Splunk as an analyst for Threat and Incident Detection is required.
  • Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.
  • Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
  • Solid understanding of TCP/IP and network concepts and principles.
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.
  • Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE, etc.).
  • An experienced Analyst who aspires to be a leader and is committed to learning the principles of leadership and the role of a leader.
  • Outstanding organizational skills.
  • Exclusive focus and vast experience in IT.
  • Very good communication skills.
  • Strong analytical and problem-solving skills.
  • A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
  • Strong written and verbal skills.
  • Strong interpersonal skills with the ability to collaborate well with others.
  • Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.
  • Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.
  • Experience with automation tools (SOAR) is preferred.
  • Experience in Malware Analysis / Reverse Engineering is preferred.
Benefits
  • Health insurance with one of the leading global providers for medical insurance.
  • Career progression and growth through challenging projects and work.
  • Employee engagement activities throughout the year.
  • Tailored training & development program.
About Us

Help AG is the cyber security arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat group in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.


Cybersecurity Defense Analyst

Riyadh, Riyadh Help AG

Posted today

Job Description

Help AG is looking for a talented and enthusiastic Cybersecurity Defense Analyst to join our Cybersecurity Operations Center (CSOC) team as part of our Managed Security Services (MSS) business unit. If you have strong knowledge and interest in Cybersecurity, this position might be the right one for you. The Senior Cybersecurity Defense Analyst will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches. The candidate is also expected to be up to date with Cybersecurity intelligence and threat landscape.

Responsibilities
  • Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
  • Correlate and analyze events using SIEM tools to detect security incidents.
  • Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
  • Respond in a timely manner (within documented SLA) to support, investigate, and other cases.
  • Document actions in cases to effectively communicate information internally and to customers.
  • Resolve problems independently and understand escalation procedure.
  • Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
  • Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
  • Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.
  • Perform other essential duties as assigned.
  • Analysis of log files, includes forensic analysis of system resource access.
  • Create, follow and present customer reports to ensure quality, accuracy, and value to clients.
  • Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.
  • Education and training of other analysts in use and operation of SIEM platform.
  • On-site work with clients as required.
  • Engage with client Incident Response team as required.
  • Generate cybersecurity Threat Intelligence reports.
Qualifications and Skills
  • Saudi National will be preferable.
  • Bachelor’s or master’s degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
  • An active interest and passion in cybersecurity, incident detection, network, and systems security.
  • 1 - 5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
  • A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
  • Demonstrable experience of analyzing and interpreting system, security, and application logs. Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
  • Experience in using Splunk as an analyst for Threat and Incident Detection is required.
  • Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.
  • Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
  • Solid understanding of TCP/IP and network concepts and principles.
  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.
  • Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE, etc.).
  • An experienced Analyst who aspires to be a leader and is committed to learning the principles of leadership and the role of a leader.
  • Outstanding organizational skills.
  • Exclusive focus and vast experience in IT.
  • Very good communication skills.
  • Strong analytical and problem-solving skills.
  • A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
  • Strong written and verbal skills.
  • Strong interpersonal skills with the ability to collaborate well with others.
  • Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.
  • Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.
  • Experience with automation tools (SOAR) is preferred.
  • Experience in Malware Analysis / Reverse Engineering is preferred.
Benefits
  • Health insurance with one of the leading global providers for medical insurance.
  • Career progression and growth through challenging projects and work.
  • Employee engagement activities throughout the year.
  • Tailored training & development program.
About Us

Help AG is the cyber security arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat group in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.


Cyber Defense Analyst (L2/L3)

Riyadh, Riyadh Help AG

Posted 11 days ago

Job Description

Help AG is looking for a talented and enthusiastic individual to join our Cybersecurity Operations Center (CSOC) team as part of the Managed Security Services (MSS) business unit. If you have strong knowledge and interest in Cybersecurity, this position might be the right one for you. The Cyber Defense Analyst (L2/L3) will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches. The candidate is also expected to be up to date with Cybersecurity intelligence and threat landscape.


Responsibilities

  • Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.

  • Correlate and analyze events using SIEM tools to detect security incidents.

  • Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.

  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.

  • Respond in a timely manner (within documented SLA) to support, investigate, and other cases.

  • Document actions in cases to effectively communicate information internally and to customers.

  • Resolve problems independently and understand escalation procedure.

  • Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.

  • Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.

  • Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.

  • Perform other essential duties as assigned.

  • Analysis of log files, includes forensic analysis of system resource access.

  • Create, follow and present customer reports to ensure quality, accuracy, and value to clients.

  • Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.

  • Education and training of other analysts in use and operation of SIEM platform.

  • On-site work with clients as required.

  • Engage with client Incident Response team as required.

  • Generate cybersecurity Threat Intelligence reports.

Qualifications

  • 2-5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.

  • Bachelor’s/Master’s Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.

  • An active interest and passion in cybersecurity, incident detection, network, and systems security.

  • A sound knowledge of IT security best practices, common attack types and detection / prevention methods.

  • Demonstrable experience of analyzing and interpreting system, security, and application logs.

  • Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.

  • Experience in using Splunk as an analyst for Threat and Incident Detection is required.

  • Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.

  • Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.

  • Solid understanding of TCP/IP and network concepts and principles.

  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.

  • Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE…etc.).

  • An experienced Analyst who aspires to be a leader, and is committed to learning the principles of leadership and the role of a leader.

  • Outstanding organizational skills.

  • Exclusive focus and vast experience in IT.

  • Very good communication skills.

  • Strong analytical and problem-solving skills.

  • A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.

  • Strong written and verbal skills.

  • Strong interpersonal skills with the ability to collaborate well with others.

  • Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.

  • Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.

  • Experience with automation tools (SOAR) is preferred.

  • Experience in Malware Analysis / Reverse Engineering is preferred.

Benefits

  • Health insurance with one of the leading global providers for medical insurance.

  • Career progression and growth through challenging projects and work.

  • Employee engagement activities throughout the year.

  • Tailored training & development program.

About Us

Help AG is the cybersecurity arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.


Cyber Defense Analyst (L2/L3)

Riyadh, Riyadh Help AG, an e& enterprise company

Posted 11 days ago

Job Description

Help AG is seeking a talented individual to join our Cybersecurity Operations Center (CSOC) team within the Managed Security Services (MSS) business unit. If you have a strong interest and knowledge in Cybersecurity, this role could be ideal for you. The Cyber Defense Analyst (L2/L3) will monitor client environments, lead other Security Analysts, and conduct forensic analysis and threat hunting to detect cybersecurity incidents. The candidate should stay updated on the cybersecurity threat landscape.

Responsibilities
  • Monitor security technologies like IDS/IPS, Firewalls, Switches, VPNs, and other threat data sources.
  • Analyze events using SIEM tools to detect security incidents.
  • Develop and present operational processes and procedures for incident analysis, escalation, and remediation.
  • Respond to technical inquiries via phone and electronic communication.
  • Support and investigate cases within SLA guidelines.
  • Document actions clearly for internal and client communication.
  • Resolve problems independently and understand escalation procedures.
  • Maintain awareness of current threats and cybersecurity intelligence.
  • Share cybersecurity intelligence within the team and participate in threat hunting.
  • Lead knowledge sharing efforts, including creating technical articles and reports.
  • Perform log and forensic analysis, including system resource access logs.
  • Create and present client reports ensuring quality and value.
  • Develop content within SIEM platforms, including use cases and queries.
  • Train and educate other analysts on SIEM operations.
  • Participate in on-site client work as needed.
  • Engage with client Incident Response teams.
  • Generate cybersecurity Threat Intelligence reports.
Qualifications
  • 2-5 years in cybersecurity, including security operations, incident analysis, threat hunting, or digital forensics.
  • Bachelor’s or Master’s in Cybersecurity, Computer Science, or related fields.
  • Strong interest in cybersecurity and incident detection.
  • Knowledge of IT security best practices, attack types, and detection methods.
  • Experience analyzing logs and using SIEM tools like Splunk.
  • Understanding of frameworks like Cyber Kill Chain and MITRE ATT&CK.
  • Knowledge of network concepts, TCP/IP, and attack activities.
  • Professional certifications (e.g., CISSP, GSEC, GCIH) are preferred.
  • Leadership potential, organizational skills, and excellent communication skills.
  • Proficiency in English; Arabic is a plus.
  • Experience with automation tools and malware analysis is advantageous.
Benefits
  • Health insurance with leading providers.
  • Career growth through challenging projects.
  • Employee engagement activities.
  • Tailored training and development programs.
About Us

Help AG, part of e& enterprise, offers enterprise cybersecurity solutions across the Middle East. Established in 2004 and acquired by Etisalat in 2020, Help AG is a trusted cybersecurity partner with top-tier technologies and expert teams, committed to strengthening clients' defenses.


Cyber Defense Analyst (L2/L3)

Riyadh, Riyadh Help AG

Posted today

Job Description

Help AG is looking for a talented and enthusiastic individual to join our Cybersecurity Operations Center (CSOC) team as part of the Managed Security Services (MSS) business unit. If you have strong knowledge and interest in Cybersecurity, this position might be the right one for you. The Cyber Defense Analyst (L2/L3) will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches. The candidate is also expected to be up to date with Cybersecurity intelligence and threat landscape.

Responsibilities

  • Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.

  • Correlate and analyze events using SIEM tools to detect security incidents.

  • Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.

  • Respond to inbound requests via phone and other electronic means for technical assistance with managed services.

  • Respond in a timely manner (within documented SLA) to support, investigate, and other cases.

  • Document actions in cases to effectively communicate information internally and to customers.

  • Resolve problems independently and understand escalation procedure.

  • Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.

  • Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.

  • Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.

  • Perform other essential duties as assigned.

  • Analysis of log files, includes forensic analysis of system resource access.

  • Create, follow and present customer reports to ensure quality, accuracy, and value to clients.

  • Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.

  • Education and training of other analysts in use and operation of SIEM platform.

  • On-site work with clients as required.

  • Engage with client Incident Response team as required.

  • Generate cybersecurity Threat Intelligence reports.

Qualifications

  • 2-5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.

  • Bachelor’s/Master’s Degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.

  • An active interest and passion in cybersecurity, incident detection, network, and systems security.

  • A sound knowledge of IT security best practices, common attack types and detection / prevention methods.

  • Demonstrable experience of analyzing and interpreting system, security, and application logs.

  • Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.

  • Experience in using Splunk as an analyst for Threat and Incident Detection is required.

  • Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.

  • Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.

  • Solid understanding of TCP/IP and network concepts and principles.

  • Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.

  • Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE…etc.).

  • An experienced Analyst who aspires to be a leader, and is committed to learning the principles of leadership and the role of a leader.

  • Outstanding organizational skills.

  • Exclusive focus and vast experience in IT.

  • Very good communication skills.

  • Strong analytical and problem-solving skills.

  • A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.

  • Strong written and verbal skills.

  • Strong interpersonal skills with the ability to collaborate well with others.

  • Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.

  • Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.

  • Experience with automation tools (SOAR) is preferred.

  • Experience in Malware Analysis / Reverse Engineering is preferred.

Benefits

  • Health insurance with one of the leading global providers for medical insurance.

  • Career progression and growth through challenging projects and work.

  • Employee engagement activities throughout the year.

  • Tailored training & development program.

About Us

Help AG is the cybersecurity arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.


Cyber Defense Center Analyst (Saudi Arabia)

Jeddah, Makkah Eram Talent

Posted 11 days ago

Job Description

A leading Talent Acquisition Company in Saudi Arabia is looking for a talented Cyber Defense Center Analyst to join our esteemed team in Saudi Arabia. In this critical role, you will play a key part in monitoring, analyzing, and responding to cybersecurity incidents within an operational environment. Your expertise will help safeguard our clients’ information systems, and you'll work closely with other cybersecurity professionals to develop and enhance incident response strategies.

The Cyber Defense Center Analyst will be responsible for utilizing state-of-the-art security tools to detect, analyze, and mitigate potential threats and vulnerabilities. You will conduct thorough investigations into incidents, prepare reports, and collaborate with various stakeholders to improve overall security posture.

Your analytical skills and attention to detail will be vital as you support the mission of ensuring information security and defending against cyber threats.

Key Responsibilities
  • Monitor security events from SIEM, tickets, email, and phone channels.
  • Investigate and escalate incidents based on severity.
  • Analyze cyber threat intelligence and emerging threats.
  • Perform incident triage and provide remediation recommendations.
  • Track and document cyber incidents.
  • Support configuration and management of security monitoring tools (SIEM, NETFLOW, etc.).
  • Collaborate with technical teams to enhance security systems and processes.
  • Document security procedures, configurations, and incidents.

Knowledge

Knowledge of cybersecurity considerations for database systems.

Knowledge in Threat Hunting and MITRE ATT&CK Methodology.

Knowledge of network traffic protocols, methods and management.

Knowledge of cyber threat intelligence sources and their respective capabilities.

Skills

Skill in SIEM query languages to do basic filtering etc.

Skill in scripting – Python and PowerShell.

Skill in security tools – commercial and open-source.

Skill in safely and effectively conducting research using deep web.

Skill in defensive technologies – NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, and Web

Abilities

Ability to create signature rules such as Snort, Yara.

Ability to create Sigma detection rules.

Ability to determine whether CTI is reliable, valid and relevant.

Cyber Security Expertise:

Security Concepts: In-depth understanding of network security architecture, defense-in-depth principles, and incident response.

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Strong knowledge of security concepts, technologies, and best practices.
  • Experience in incident response, threat hunting, or security monitoring.
  • 4+ years of experience in cybersecurity with 2+ years in SOC/SIEM operations.
  • The CDC Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone) based on the security event severity
  • Knowledge of network security, incident response, and MITRE ATT&CK.
  • Proficiency in SIEM, scripting (Python, PowerShell), and security tools.
  • Knowledge of network and application security, firewalls, intrusion detection systems, and other security technologies.
  • Ability to work effectively under pressure and prioritize multiple tasks.
  • Relevant industry certifications (e.g. CySA+, CEH, eJPT, eCIR, eTHP, SOC-200)
  • A commitment to continuous learning and staying current with the evolving cybersecurity landscape.

Cyber Defense Center Analyst (Saudi Arabia)

Eram Group

Posted 11 days ago

Job Description

A leading Talent Acquisition Company in Saudi Arabia is seeking a talented Cyber Defense Center Analyst to join our esteemed team in Saudi Arabia. In this critical role, you will monitor, analyze, and respond to cybersecurity incidents within an operational environment. Your expertise will help safeguard our clients’ information systems, and you will collaborate closely with other cybersecurity professionals to develop and enhance incident response strategies.

The Cyber Defense Center Analyst will utilize advanced security tools to detect, analyze, and mitigate potential threats and vulnerabilities. Responsibilities include conducting thorough investigations into incidents, preparing reports, and working with various stakeholders to improve overall security posture.

Your analytical skills and attention to detail are vital in supporting the mission of ensuring information security and defending against cyber threats.

Key Responsibilities
  • Monitor security events from SIEM, tickets, email, and phone channels.
  • Investigate and escalate incidents based on severity.
  • Analyze cyber threat intelligence and emerging threats.
  • Perform incident triage and provide remediation recommendations.
  • Track and document cyber incidents.
  • Support configuration and management of security monitoring tools (SIEM, NETFLOW, etc.).
  • Collaborate with technical teams to enhance security systems and processes.
  • Document security procedures, configurations, and incidents.
Knowledge and Skills
  • Knowledge of cybersecurity considerations for database systems.
  • Knowledge of Threat Hunting and MITRE ATT&CK methodology.
  • Knowledge of network traffic protocols, methods, and management.
  • Knowledge of cyber threat intelligence sources and their capabilities.
  • Proficiency in SIEM query languages for basic filtering.
  • Scripting skills in Python and PowerShell.
  • Experience with security tools—both commercial and open-source.
  • Ability to conduct research using the deep web safely and effectively.
  • Familiarity with defensive technologies such as NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, and Web Abilities.
  • Ability to create signature rules (e.g., Snort, Yara) and Sigma detection rules.
  • Ability to assess the reliability, validity, and relevance of cyber threat intelligence.
Cybersecurity Expertise
  • Deep understanding of network security architecture, defense-in-depth principles, and incident response.
  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Strong knowledge of security concepts, technologies, and best practices.
  • Experience in incident response, threat hunting, or security monitoring.
  • Minimum 4 years of cybersecurity experience, including at least 2 years in SOC/SIEM operations.
  • Knowledge of network security, incident response, and MITRE ATT&CK framework.
  • Proficiency in SIEM, scripting (Python, PowerShell), and security tools.
  • Familiarity with network and application security technologies such as firewalls and intrusion detection systems.
  • Ability to work effectively under pressure and prioritize tasks.
  • Relevant industry certifications (e.g., CySA+, CEH, eJPT, eCIR, eTHP, SOC-200).
  • Commitment to continuous learning and staying current with cybersecurity developments.

Cyber Defense Center Analyst (Saudi Arabia)

Jeddah, Makkah Eram Talent

Posted today

Job Description

A leading Talent Acquisition Company in Saudi Arabia is looking for a talented Cyber Defense Center Analyst to join our esteemed team in Saudi Arabia. In this critical role, you will play a key part in monitoring, analyzing, and responding to cybersecurity incidents within an operational environment. Your expertise will help safeguard our clients’ information systems, and you'll work closely with other cybersecurity professionals to develop and enhance incident response strategies.

The Cyber Defense Center Analyst will be responsible for utilizing state-of-the-art security tools to detect, analyze, and mitigate potential threats and vulnerabilities. You will conduct thorough investigations into incidents, prepare reports, and collaborate with various stakeholders to improve overall security posture.

Your analytical skills and attention to detail will be vital as you support the mission of ensuring information security and defending against cyber threats.

Key Responsibilities
  • Monitor security events from SIEM, tickets, email, and phone channels.
  • Investigate and escalate incidents based on severity.
  • Analyze cyber threat intelligence and emerging threats.
  • Perform incident triage and provide remediation recommendations.
  • Track and document cyber incidents.
  • Support configuration and management of security monitoring tools (SIEM, NETFLOW, etc.).
  • Collaborate with technical teams to enhance security systems and processes.
  • Document security procedures, configurations, and incidents.

Knowledge

Knowledge of cybersecurity considerations for database systems.

Knowledge in Threat Hunting and MITRE ATT&CK Methodology.

Knowledge of network traffic protocols, methods and management.

Knowledge of cyber threat intelligence sources and their respective capabilities.

Skills

Skill in SIEM query languages to do basic filtering etc.

Skill in scripting – Python and PowerShell.

Skill in security tools – commercial and open-source.

Skill in safely and effectively conducting research using deep web.

Skill in defensive technologies – NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, and Web Abilities

Ability to create signature rules such as Snort, Yara.

Ability to create Sigma detection rules.

Ability to determine whether CTI is reliable, valid and relevant.

Cyber Security Expertise:

Security Concepts: In-depth understanding of network security architecture, defense-in-depth principles, and incident response.

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Strong knowledge of security concepts, technologies, and best practices.
  • Experience in incident response, threat hunting, or security monitoring.
  • 4+ years of experience in cybersecurity with 2+ years in SOC/SIEM operations.
  • The CDC Analyst monitors security events from the various SOC entry channels (SIEM, Tickets, Email and Phone) based on the security event severity.
  • Knowledge of network security, incident response, and MITRE ATT&CK.
  • Proficiency in SIEM, scripting (Python, PowerShell), and security tools.
  • Knowledge of network and application security, firewalls, intrusion detection systems, and other security technologies.
  • Ability to work effectively under pressure and prioritize multiple tasks.
  • Relevant industry certifications (e.g. CySA+, CEH, eJPT, eCIR, eTHP, SOC-200)
  • A commitment to continuous learning and staying current with the evolving cybersecurity landscape.

Cyber Defense Center Analyst (Saudi Arabia)

Eram Group

Posted today

Job Description

A leading Talent Acquisition Company in Saudi Arabia is seeking a talented Cyber Defense Center Analyst to join our esteemed team in Saudi Arabia. In this critical role, you will monitor, analyze, and respond to cybersecurity incidents within an operational environment. Your expertise will help safeguard our clients’ information systems, and you will collaborate closely with other cybersecurity professionals to develop and enhance incident response strategies.

The Cyber Defense Center Analyst will utilize advanced security tools to detect, analyze, and mitigate potential threats and vulnerabilities. Responsibilities include conducting thorough investigations into incidents, preparing reports, and working with various stakeholders to improve overall security posture.

Your analytical skills and attention to detail are vital in supporting the mission of ensuring information security and defending against cyber threats.

Key Responsibilities
  • Monitor security events from SIEM, tickets, email, and phone channels.
  • Investigate and escalate incidents based on severity.
  • Analyze cyber threat intelligence and emerging threats.
  • Perform incident triage and provide remediation recommendations.
  • Track and document cyber incidents.
  • Support configuration and management of security monitoring tools (SIEM, NETFLOW, etc.).
  • Collaborate with technical teams to enhance security systems and processes.
  • Document security procedures, configurations, and incidents.
Knowledge and Skills
  • Knowledge of cybersecurity considerations for database systems.
  • Knowledge of Threat Hunting and MITRE ATT&CK methodology.
  • Knowledge of network traffic protocols, methods, and management.
  • Knowledge of cyber threat intelligence sources and their capabilities.
  • Proficiency in SIEM query languages for basic filtering.
  • Scripting skills in Python and PowerShell.
  • Experience with security tools—both commercial and open-source.
  • Ability to conduct research using the deep web safely and effectively.
  • Familiarity with defensive technologies such as NGFW, AV, VPN, IPS, NETFLOW, DAM, WAF, Proxy, and Web Abilities.
  • Ability to create signature rules (e.g., Snort, Yara) and Sigma detection rules.
  • Ability to assess the reliability, validity, and relevance of cyber threat intelligence.
Cybersecurity Expertise
  • Deep understanding of network security architecture, defense-in-depth principles, and incident response.
  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Strong knowledge of security concepts, technologies, and best practices.
  • Experience in incident response, threat hunting, or security monitoring.
  • Minimum 4 years of cybersecurity experience, including at least 2 years in SOC/SIEM operations.
  • Knowledge of network security, incident response, and MITRE ATT&CK framework.
  • Proficiency in SIEM, scripting (Python, PowerShell), and security tools.
  • Familiarity with network and application security technologies such as firewalls and intrusion detection systems.
  • Ability to work effectively under pressure and prioritize tasks.
  • Relevant industry certifications (e.g., CySA+, CEH, eJPT, eCIR, eTHP, SOC-200).
  • Commitment to continuous learning and staying current with cybersecurity developments.

Senior Intelligence Analyst

Google Inc.

Posted 4 days ago

Job Description

Mid

Experience driving progress, solving problems, and mentoring more junior team members; deeper expertise and applied knowledge within relevant area.

Please note: Applicants to this role must have work authorization in Saudi Arabia as this role is not eligible for work visa sponsorship.

Note: Google's hybrid workplace includes remote and in-office roles. By applying to this position you will have an opportunity to share your preferred working location from the following:

In-office locations: Riyadh Saudi Arabia.
Remote location(s): Saudi Arabia.

  • Bachelor's degree or equivalent practical experience.
  • 7 years of experience in an investigative role involved in the production of threat intelligence for decision-makers/customers and involved in direct customer support.
  • Experience in an operational role involved in the research and writing of threat intelligence products for decision-makers/customers.
Preferred qualifications:
  • Experience in program management or business.
  • Experience in using tools for analysis such as intrusion operations, enterprise security controls, log analysis, network flow and traffic analysis, incident response processes, cyber attack life-cycles and models.
  • Experience working in a government environment and with host and network forensic reports of electronic media, packet capture, log data analysis, malware triage and network.
  • Experience with malware/security, Google products, and working in an investigative or incident response environment.
  • Understanding of cyber security concepts, common enterprise IT infrastructure components, operating system internals and networking.
About the job

As a Security Consultant, you will be responsible for helping clients effectively prepare for, proactively mitigate, and detect and respond to cyber security threats. Security Consultants have an understanding of computer science, operating system functionality and networking, cloud services, corporate network environments and how to apply this knowledge to cyber security threats.

As a Security Consultant, you could work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage. You may also test client networks, applications and devices by emulating the latest techniques to help them defend against threats, and will be the technical advocate for information security requirements and provide an in-depth understanding of the information security domain. You will also articulate and present complex concepts to business stakeholders, executive leadership, and technical contributors and successfully lead complex engagements alongside cross functional teams.

Mandiant Services provides incident response, assessment, transformation, managed detection and response, and training services with direct tactical support.

In this role, you will ensure the delivery of actionable intelligence to each customer’s security or operational environments in order to deliver decision making and decisive action. You will also act as a conduit to Mandiant’s extensive network of cyber security, threat intelligence, and information operations professionals.

Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone.

Responsibilities
  • Evaluate current, emerging tools and best practices for tracking advanced persistent threats, tools, techniques, and procedures (TTPs) of attacker’s motivations, industry and attacker trends.
  • Perform strategic, tactical, and operational research and analysis of adversarial cyber threats.
  • Correlate intelligence to develop understandings of tracked threat activity.
  • Present tactical and strategic intelligence about threat groups, the methodologies they use, and the motivations behind their activity.
  • Prepare and deliver briefings and reports to the client’s executives, security team, or analysts.

Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.

Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.

To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
