51 Soc Analyst jobs in Saudi Arabia

Job Summary:

We are seeking a skilled and experienced SOC Analyst to join our cybersecurity team in Khafji. The ideal candidate will have hands-on experience in a Security Operations Center (SOC) environment, with strong expertise in penetration testing, threat hunting, and incident response. This role is critical in defending our infrastructure against cyber threats and ensuring compliance with information security standards.

Key Responsibilities:

• Monitor, detect, and respond to security incidents across enterprise systems.
• Conduct penetration testing and vulnerability assessments.
• Perform cyber threat hunting (CTH) and analysis using CTI feeds.
• Manage and configure Intrusion Prevention Systems (IPS) and firewalls.
• Investigate and analyze security breaches and recommend mitigation strategies.
• Collaborate with IT and security teams to improve overall security posture.
• Maintain and update security documentation and incident reports.

Required Qualifications:

• Experience:
  4 to 8 years in a SOC.
• Certifications:
  Must hold at least one cybersecurity certification (e.g., CEH, GCIH, Security+, CISSP).

Technical Skills:

• Penetration Testing
• Cyber Threat Hunting (CTH)
• Cyber Threat Intelligence (CTI)
• Linux
• IPS and Firewall Management
• Information Security Principles

Company Description

Green Circle for Cybersecurity is a leading provider of managed cybersecurity services in the Middle East, with offices in Riyadh, Amman, and London. We specialize in delivering advanced cybersecurity solutions, including Security Operations Center (SOC) services, penetration testing, compliance & governance, and AI-driven threat intelligence. Our expert team provides 24/7 monitoring, incident response, and proactive defense strategies to protect businesses against evolving cyber threats. Green Circle is dedicated to enhancing organizations' security posture and resilience with a strong focus on regional compliance and industry best practices.

Role Description

This is a full-time on-site role located in Riyadh for a SOC Analyst. The SOC Analyst will be responsible for monitoring network and system activity, identifying security events, and analyzing potential threats. Daily tasks include conducting cyber threat hunting (CTH), utilizing cyber threat intelligence (CTI), and responding to security incidents. The role requires collaboration with the security operations center team to ensure effective defense strategies and incident resolutions.

Qualifications

• Skills in Cyber Threat Hunting (CTH) and Cyber Threat Intelligence (CTI)
• Strong Analytical Skills and experience in Security Operations Center
• Knowledge and expertise in Cybersecurity best practices and procedures
• Excellent written and verbal communication skills
• Attention to detail and problem-solving abilities
• Bachelor's degree in Cybersecurity, Information Technology, or a related field
• Industry certifications such as CISSP, CISM, or equivalent are a plus
• Ability to work effectively in a high-pressure environment
• Experience in one of the following vendors : ThreatDefence , Qradar, Splunk, Elastic.

Company Overview:

Advanced technology and cybersecurity company (sirar) established by stc, the region's ICT and digital services provider, sirar by stc is a cutting-edge cybersecurity provider that empowers organization to take control of their cyber capabilities and digital environments as experts in business security and privacy.

We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities:

• Uses cybersecurity defense tools and technologies to monitor, analyze and responds system activity continuously to identify real time customer cybersecurity events/incidents and determine possible causes as 1st response level.
• Identifies, categorizes, prioritizes, investigates, and reports incoming alerts of cybersecurity events/incidents to MSOC customers as per defined MSOC processes, playbook & guidelines through official channels (sirar Ticketing System & MSOC Email).
• Prepares and generates the required MSOC Daily, Weekly & Monthly reports to stakeholders.
• Performs indicator of compromise (IoCs), threats and type of Attacks and Notify MSOC customers for sweep results
• Handles the customer's tickets & emails on required alerts during the shift within SLA.
• Resolves False Positive events into security solutions.
• Checks customer general logs, devices log specially for critical devices and reports for stakeholders.
• Opens/reassigns ticket to MSS development team to implement the recommended actions that approved by MSOC customer which under MSS development team case study.
• Reports unclear/noisy events and major incidents to 2nd level to evaluate & take action.
• Contributes to the overall success of the company by performing all other duties and responsibilities as assigned by line manager.

Academic Qualification:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline

Professional Certificate:

• Certificate in CCNA Security/CompTIA/Security+.

Years of Experience:

• 0-1 Year in relevant experience.

Skills:

• Basic proficiency in recognizing vulnerabilities in security systems.
• Basic proficiency in using intrusion detection technologies to detect host and network-based intrusions.
• Basic proficiency in effectively recognizing and categorizing types of vulnerabilities and associated attacks.
• Basic proficiency in assessing security controls based on cybersecurity principles and tenets.
• Basic proficiency in effectively performing root cause analysis for cybersecurity issues.

Level 1 SOC Analysts onsite in Saudi Arabia

Level 1 SOC Analyst – Saudi Arabia

Job Role / Experience and Responsibilities :

• Incident management, call logging and assignment
• Basic troubleshooting and user assistance. 24*7 Monitoring and Analysis of Security Events received through SIEM security appliances.
• Prioritizing and allocating Security devices onboarding service requests for fulfilment
• Knowledge in SIEM tool, Splunk, NetIQ, CCNA, CCSP, QRadar (6-12 months + experience)
• Assign trouble tickets to self and provide first call resolution to know issues.
• Escalate the trouble tickets to level 2 & 3 engineers as per SLA
• Update customers on status of incident resolution as per SLA
• Participate in a 24x7 call-out ROTA as per the shift schedule
• Activities during the operation support can include assisting customer team in any of the following areas:
• Continuously monitoring SOC tools for alerts and security incidents
• 24x7 Security Monitoring the threat detection capabilities
• Classifying incidents into appropriate categories

If your interested please send your CV and we will call you to discuss.

• Monitor for malware, ransomware, phishing, and other threats

• Analyze threat intelligence to predict and prevent attacks.

• Work in or with a SOC to monitor security alerts

• Analyze logs from firewalls, intrusion detection systems (IDS), and other tools

• Respond to security breaches

• Investigate incidents, contain damage, and coordinate recovery efforts

• Identify vulnerabilities through penetration testing or audits

• Recommend security enhancements

• Develop and enforce security policies

• Assist in designing secure IT systems

• Evaluate and implement cybersecurity tools

• Educate employees on security best practices

• Conduct phishing simulations and awareness campaign

• Coordinates with incident response teams.

• Investigates and triages suspicious activities.

Company Overview:

Advanced technology and cybersecurity company (sirar) established by stc, the region's ICT and digital services provider, sirar by stc is a cutting-edge cybersecurity provider that empowers organization to take control of their cyber capabilities and digital environments.

As experts in business security and privacy.

We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities:

• Participates in leading incident response team effectively and efficiency and respond to cyber Contribute as a team member during incident response engagements and respond to cyber security incidents to clients within Saudi Arabia and GCC region that involve non-traditional working hours and willing to routinely travel with less than 48-hour notice.
• Contributes as a team member during compromise Assessment engagements for clients within Saudi Arabia and GCC region.
• Contributes to adversary hunting (Tactics, Techniques, and Procedures) on clients' environments utilizing different tools and techniques.
• Facilitates and coordinates client meetings, required documentation and provide support to team leads.
• Contributes to incident response and compromise assessment reports' writing.
• Shadows Incident response lead in deep dive analysis of compromised assets.
• Supports during the deployment and configuration of EDR and NDR technologies as per lead consultant instructions.
• Spots false positive findings during Incident Response and compromise assessment engagement.
• Maintains a thriving environment with team members.
• Adheres to departmental and section processes, procedures, and standards.
• Contributes to existent EDR solution's fine tuning detection rules exercise.
• Able to quickly learn and understand new technologies and techniques related to incident response and cyber security in general.
• Updates about latest cybersecurity attacks, threats, and analysis techniques.
• Parses and analyzes host behaviors, logs, artifacts, and network traffic to detect threats and identify anomalies.
• Understands collection scripts and contribute to finding workarounds to collect and analyze data when deploying an EDR is not possible.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline.

Professional Certificate such as the below are Preferred:

• Professional Certificate such as GCIH, GCFA, GCFE, GNFA, GREM, or any other equivalent certifications is preferred.

Years of Experience:

• A minimum of 7 years in relevant experience.

Skills:

• Advance knowledge of current cyber security threats, attacks, tactics, techniques, and countermeasures.
• Intermediate knowledge of the Incident Response Lifecycle, the Cyber Kill Chain. framework, MITRE ATT&CK framework, and their related tactics, techniques, tools, procedures.
• Advance knowledge of digital forensics and its methodology, security and network architectures, operating systems (including Linux/Unix and Windows).
• Advance knowledge of network forensic artifacts' collection and analysis.
• Advance knowledge of utilizing a variety of leading network and host forensic tools.
• Intermediate proficiency in written and verbal communication skills.
• Intermediate knowledge in operating systems.

Company Description
Innovative Solutions (IS) is a leading cybersecurity company established in 2003, with its headquarters in Riyadh and a strong presence throughout the GCC, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We provide a comprehensive array of cybersecurity services, from advisory and technical assurance to solution deployment and managed security services. Our mission is clear: to bring trust to cyberspace and ensure that your business is well secured.

Role Description
As a Senior Incident Response Specialist at Innovative Solutions, you will be at the forefront of defending our organization and clients against cyber threats. You will lead incident response activities, oversee investigations, develop response strategies, and liaise with other teams to manage complex incidents effectively. Your expertise will be pivotal in enhancing our incident response capabilities and driving continuous improvement in our security operations.

Responsibilities

• Lead incident response activities for security incidents across the organization
• Conduct thorough investigations of security breaches and incidents to identify root causes and impacts
• Present findings to stakeholders and assist in reporting processes post incident
• Assist in creating and maintaining documentation related to incident handling and response activities
• Conduct digital forensics and malware analysis to support investigations and determine root cause, impact, and scope
• Participate in red/blue/purple team exercises to test and improve response readiness
• Stay updated on emerging threats, attack techniques, and incident response best practices
• Perform proactive threat hunting based on intelligence, anomalies, and advanced detection techniques
• Act as a technical point of contact for incident response analysts, providing guidance, and mentorship
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT teams to improve detection and response capabilities

Requirements

• Bachelor's degree in computer science, cyber security, or a related field
• 3+ years of experience in incident response or a related cybersecurity role
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA
• Proven track record of handling advanced persistent threats, ransomware, insider threats, and cloud security incidents
• Strong knowledge of operating systems, networking protocols, and security technologies
• Experience with SIEM, EDR, SOAR platforms, forensic tools, and malware analysis frameworks
• Strong written and verbal communication skills, capable of engaging with different levels of stakeholders
• Ability to work in a fast-paced environment and manage multiple incidents simultaneously
• Willingness to participate in on-call duties and rotate shifts as needed

Benefits

• Comprehensive training and development programs
• Opportunity for career growth and advancement
• Friendly and supportive work environment

Innovative Solutions (IS) is a distinguished Cybersecurity company, founded in 2003 and headquartered in Riyadh, with a strong presence across the GCC region, including Al Khobar, Jeddah, Dubai, and Abu Dhabi. We specialize in a broad array of Cybersecurity solutions and services, encompassing Advisory Services, Technical Assurance, Solution Deployment, Professional Services, and Managed Security Services.

At Innovative Solutions, our mission is to "Bring Trust to Cyberspace" to ensure "Your Business, Secured".

As the Incident Response Team Lead at Innovative Solutions, you will oversee our incident response team's activities, ensuring swift and effective responses to cybersecurity incidents. You will lead investigations, coordinate responses, and develop strategies to improve our incident response capabilities. You will also mentor team members, promoting continuous improvement in processes and practices to enhance the cyber resilience of our organization and clients.

Responsibilities:

• Lead and manage the incident response team, setting priorities, assigning tasks, and ensuring timely resolution of incidents.
• Provide mentorship, coaching, and skills development for team members.
• Act as the central escalation point of contact for critical and complex incidents.
• Develop and manage incident response metrics, reporting, and performance KPIs.
• Provide executive briefings and updates during major security incidents
• Ensure incident response processes compliance with regulatory frameworks.

DFIR Operations:

• Oversee incident response lifecycle.
• Coordinate technical and business stakeholders during incidents, ensuring clear communication and structured escalation.
• Lead root cause analysis, digital forensics, and threat hunting activities for critical incidents.
• Ensure proper documentation of incidents, including timelines, actions taken, and lessons learned.

Process and Improvements:

• Develop, implement, and maintain incident response playbooks, runbooks, and escalation processes.
• Coordinate and lead tabletop exercises, red team/purple team simulations, and incident readiness drills.
• Collaborate with SOC, threat intelligence, vulnerability management, and IT/OT security teams to enhance detection and response capabilities.

• Bachelor's degree in computer science, cyber security, or a related field. Master's degree is a plus.
• 3+ years of experience in cybersecurity, with a focus on incident response.
• Proven experience leading incident response teams and managing incidents effectively.
• Relevant certifications such as GCIA, GCIH, GCFA, GNFA, BTL1, OSDA, CDSA, or PSAA. CISSP is a plus.
• Strong expertise in incident response methodologies and frameworks.
• Excellent leadership, communication, and interpersonal skills.
• Ability to think critically and make sound decisions under pressure.

• Comprehensive training and development programs.
• Opportunity for career growth and advancement.
• Friendly and supportive work environment.

We're Hiring: Senior Compliance & Incident Response Manager

Keeta is an independent brand of Meituan, the world's largest tech-driven retail company. Keeta is revolutionizing the food delivery space. As a dynamic and innovative global platform, Keeta leverages cutting-edge technology to provide fast, reliable, and seamless food delivery experiences. With the mission "We help people eat better, live better", Keeta launched in 2023 and has rapidly expanded across key regions, including Hong Kong, Saudi Arabia and now in Brazil.

Are you passionate about public safety, regulatory coordination, and emergency response? Do you thrive in fast-paced, high-growth environments where safety and compliance are mission-critical? Join us in building a safer ecosystem for our platform and users.

What You'll Do

• Emergency Response:
  Lead swift and effective responses to traffic accidents, public safety events, fire hazards, and more.
• Daily Safety Ops:
  Analyze safety data, implement risk prevention strategies, and manage safety documentation.
• Regulatory Liaison:
  Act as the bridge between our team and local regulatory authorities—ensuring compliance and alignment with jurisdictional protocols.
• Cross-functional Support:
  Collaborate with HQ and cross-regional teams on initiatives and directives.

Why Keeta?

Innovation-Driven: Keeta uses the advanced technology solutions to disrupt the traditional food delivery landscape, making every order smarter and faster.

Fast-Growing & Dynamic: Keeta is expanding quickly, offering endless opportunities for personal and professional growth.

Global Impact: Join a company that's transforming the way people enjoy food, impacting communities around the world.

What We're Looking For

Education & Experience:
Bachelor's degree or above with 5+ years in corporate safety, compliance, or emergency management.

Professional Skills:

• Solid grasp of safety workflows and local regulatory processes.
• Background in internet/tech platforms is a plus.
• Prior corporate safety-related experience required.

Soft Skills:

• Excellent communication & coordination skills.
• Strong business writing and verbal expression.
• Team player with a hands-on, problem-solving attitude.

Mindset & Flexibility:

• Detail-oriented and responsible.
• Comfortable working under pressure.
• Open to short-term business travel.

Language Skills:

Fluent in Arabic, English, and Mandarin

Bonus Points If You Have

• Managing public security events, fire safety, or traffic emergencies.
• Experience dealing directly with safety regulatory authorities and compliance agencies.

Location: Jeddah, Saudi Arabia

Apply now or reach out to our talent team to learn more.