14 Incident Response jobs in Riyadh

Overview

Cyber Security Analyst with robust knowledge of cybersecurity regulations, standards and controls. Fluent in cyber incident detection, response and management. Strong understanding of ICT, including hardware, software and networks. Expertise in preparing and analyzing cybersecurity reports. Experience in ICT / cybersecurity audit / compliance / regulatory discussions. Fluent in Arabic and English.

• Participate in cyber incident detection, response and management activities.
• Contribute to ICT / Cybersecurity audits and regulatory discussions as needed.
• Prepare and analyze cybersecurity reports and related documentation.
• Collaborate in a team-focused environment that emphasizes continuous improvement, quality, accountability and ethical practices in project and change management.
• Mentor and develop talent within information and cyber security management functions where applicable.

• Bachelor s degree in Computer Science, Information Security, or related field.
• Extensive experience in incident handling and reporting (at least 3 years in a similar role).
• Professional certifications: Security+, CCNA or CCNP; NSE4 or related incident response certifications preferred.
• Strong analytical and problem-solving skills.
• Knowledge of network security zones, firewall configurations, IDS policies.
• Knowledge of systems communications from Layer 1 to 7.
• Experience with systems administration, middleware, and application administration.
• Experience with network and network security tools administration.
• Experience with log search tools and regular expressions.
• Experience with packet capture and analysis.
• Experience with security assessment tools (NMAP, Nessus, Metasploit, Netcat).
• Ability to create and execute a containment strategy.

Job Description

• Robust knowledge of Cybersecurity regulations, standards, and controls.
• Fluent in Cyber Incident Detection, Response, and Management.
• Strong understanding of ICT, including Hardware, Software, and Networks.
• Expertise in preparing and analyzing Cybersecurity reports.
• Experience in ICT / Cybersecurity Audit / Compliance / Regulatory discussions. Professional Certifications: Security+, CCNA, CCNP, or NSE4A.
• Collaborative team player who fosters a culture of continuous improvement and empowers team members to achieve their best.
• An individual committed to quality, accountability, and ethical practices in project and change management.
• Passionate about mentoring and developing talent within the information and cybersecurity management functions.
• Fluent in Arabic and English languages.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field.
• At least 3 years of experience in incident handling and reporting.
• Professional certifications related to incident response are preferred.
• Strong analytical and problem-solving skills.
• Knowledge of network security zones, firewall configurations, and IDS policies.
• Knowledge of systems communications from Layer 1 to 7.
• Experience with Systems Administration, Middleware, and Application Administration.
• Experience with Network and Security tools administration.
• Proficiency with log search tools and regular expressions.
• Knowledge of packet capture and analysis.
• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).
• Ability to create and execute containment strategies.

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

The SOC L1 team plays a critical role in maintaining the security posture of an organization and protecting it from cyber threats.

Duties and Responsibilities:

• Performing initial analysis on true positive alerts to determine root cause and impact.
• Undertake first stages of false positive and false negative analysis.
• Generate weekly reports from SIEM platform and send it to L2 SOC analysts for review
• Track and update incidents and requests based on client’s updates and analysis results
• Escalate validated and confirmed incidents as per escalation procedures.
• Collection of necessary logs that could help in the incident containment and security investigation
• Acknowledge, analyze and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Acknowledge, analyze and validate incidents triggered from correlated events through SIEM solution.
• Other duties related to the position

• Bachelor's degree in Cyber Security, Computer Science, or any IT-related field
• 0-2 years of experience, fresh graduates are welcome to apply

Minimum two of the below Certificates:

• Security+
• CEH
• eLearnSecurity Certified Incident Responder
• EC-Council Certified Security Analyst

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

The SOC L1 team plays a critical role in maintaining the security posture of an organization and protecting it from cyber threats.

Duties and Responsibilities:

• Performing initial analysis on true positive alerts to determine root cause and impact.
• Undertake first stages of false positive and false negative analysis.
• Generate weekly reports from SIEM platform and send it to L2 SOC analysts for review
• Track and update incidents and requests based on client’s updates and analysis results
• Escalate validated and confirmed incidents as per escalation procedures.
• Collection of necessary logs that could help in the incident containment and security investigation
• Acknowledge, analyze and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Acknowledge, analyze and validate incidents triggered from correlated events through SIEM solution.
• Other duties related to the position

• Bachelor's degree in Cyber Security, Computer Science, or any IT-related field
• 0-2 years of experience, fresh graduates are welcome to apply

Minimum two of the below Certificates:

• Security+
• CEH
• eLearnSecurity Certified Incident Responder
• EC-Council Certified Security Analyst

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

Duties and Responsibilities:

· Provide 24x7 monitoring (shift based), analysis and alerting of IT Security events and incidents.

• Analyze security events to verify incidents and their potential impact and risk to the clients.

• Create tickets for incident alerts and prioritize, correlate, and analyze events and incidents.

• Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents

• Analyze recurring incidents and performance of existing systems, processes, people and ensure corrective actions are taken.

• Proactive monitoring and respond to known and emerging threats against the network.

• Whitelist and fine-tuning content (use-cases) on SIEM solution.

• Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources

• Perform complex data analysis in support of security event management.

• Conducting detailed & comprehensive investigation and triage on wide variety of security events and implement cleanup and remediation processes.

• Participation on Incident Response that includes root cause and lessons learned.

• Participation in the development of new logic and analytical capabilities.

· 3+ years’ experience in SOC operation or with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.

· Excellent security data analytical and problem-solving skills.

· Good knowledge and expertise of using SIEMSOAR technologies for event investigation

· Demonstrated experience with a wide variety of security logs to detect and resolve security issues.

· Demonstrated success as a member of a highly collaborative team.

· Excellent written and oral communication skills

· Good understanding of the incident response process

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

Duties and Responsibilities:

· Provide 24x7 monitoring (shift based), analysis and alerting of IT Security events and incidents.

• Analyze security events to verify incidents and their potential impact and risk to the clients.

• Create tickets for incident alerts and prioritize, correlate, and analyze events and incidents.

• Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents

• Analyze recurring incidents and performance of existing systems, processes, people and ensure corrective actions are taken.

• Proactive monitoring and respond to known and emerging threats against the network.

• Whitelist and fine-tuning content (use-cases) on SIEM solution.

• Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources

• Perform complex data analysis in support of security event management.

• Conducting detailed & comprehensive investigation and triage on wide variety of security events and implement cleanup and remediation processes.

• Participation on Incident Response that includes root cause and lessons learned.

• Participation in the development of new logic and analytical capabilities.

· 3+ years’ experience in SOC operation or with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.

· Excellent security data analytical and problem-solving skills.

· Good knowledge and expertise of using SIEMSOAR technologies for event investigation

· Demonstrated experience with a wide variety of security logs to detect and resolve security issues.

· Demonstrated success as a member of a highly collaborative team.

· Excellent written and oral communication skills

· Good understanding of the incident response process

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

• Provide 24x7 monitoring (shift based), analysis and alerting of IT Security events and incidents.
• Analyze security events to verify incidents and their potential impact and risk to the clients.
• Create tickets for incident alerts and prioritize, correlate, and analyze events and incidents.
• Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents
• Analyze recurring incidents and performance of existing systems, processes, people and ensure corrective actions are taken.
• Proactive monitoring and respond to known and emerging threats against the network.
• Whitelist and fine-tuning content (use-cases) on SIEM solution.
• Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources
• Perform complex data analysis in support of security event management.
• Conducting detailed & comprehensive investigation and triage on wide variety of security events and implement cleanup and remediation processes.
• Participation on Incident Response that includes root cause and lessons learned.
• Participation in the development of new logic and analytical capabilities.
• 3+ years’ experience in SOC operation or with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.
• Excellent security data analytical and problem-solving skills.
• Good knowledge and expertise of using SIEM/SOAR technologies for event investigation
• Demonstrated experience with a wide variety of security logs to detect and resolve security issues.
• Demonstrated success as a member of a highly collaborative team.
• Excellent written and oral communication skills
• Good understanding of the incident response process

Our Culture:

At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging culture centered around collaboration and innovation. If you are looking for a role where you can enhance engagement and excellence across teams through commitment and collaboration, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.

Our Code of Conduct:

We strictly adhere to our code of conduct, which serves as a moral compass, providing a framework for responsible behavior and ethical decision-making. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across all countries we operate in. All employees review, understand, and adhere to this code annually, including new hires during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate the SIEM system, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
2. Develop and deploy new content (use-cases) on SIEM solutions based on business or threat requirements, with the engineering team's support.
3. Conduct breach and investigative analysis to trace activities related to advanced threats.
4. Investigate and escalate complex or high-severity security threats or incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Perform threat hunting to identify emerging threat activities across internal and external sources.
9. Coordinate evidence gathering, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Develop operational and executive reports.
14. Analyze security events to verify incidents, assessing their impact and risk to clients.
15. Prepare incident analysis reports and coordinate responses with relevant teams.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Provide data support for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring and analysis platforms and related technologies.
• Excellent analytical and problem-solving skills.
• Advanced knowledge of SIEM/ SOAR technologies for event investigation.
• Strong understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.

Our Culture:

At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging culture centered around collaboration and innovation. If you are looking for a role where you can enhance engagement and excellence across teams through commitment and collaboration, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.

Our Code of Conduct:

We strictly adhere to our code of conduct, which serves as a moral compass, providing a framework for responsible behavior and ethical decision-making. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across all countries we operate in. All employees review, understand, and adhere to this code annually, including new hires during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate the SIEM system, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
2. Develop and deploy new content (use-cases) on SIEM solutions based on business or threat requirements, with the engineering team's support.
3. Conduct breach and investigative analysis to trace activities related to advanced threats.
4. Investigate and escalate complex or high-severity security threats or incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Perform threat hunting to identify emerging threat activities across internal and external sources.
9. Coordinate evidence gathering, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Develop operational and executive reports.
14. Analyze security events to verify incidents, assessing their impact and risk to clients.
15. Prepare incident analysis reports and coordinate responses with relevant teams.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Provide data support for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring and analysis platforms and related technologies.
• Excellent analytical and problem-solving skills.
• Advanced knowledge of SIEM/ SOAR technologies for event investigation.
• Strong understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.