26 Soc Engineer jobs in Saudi Arabia

Key Responsibilities :

• Monitor security alerts and events using SIEM tools and other monitoring systems.

• investigate, triage, and respond to cybersecurity incidents in real-time.

• Coordinate incident response activities across teams and escalate critical event.

• Develop and maintain incident response plans, playbooks, and procedures.

• Generate incident reports and track remediation efforts.

• vulnerability assessments and penetration testing reviews.

• Risk assessment.

• analyze indicators of compromise (IOCs) and perform deep-dive investigations into suspicious activities.

• Work with compliance and audit teams to ensure compliance.

• Managing Firewall Palo Alto, Sophos.

• Protecting AICC local environment.

• Protecting AICC Cloud Azure environment

Qualifications:

• Bachelor’s degree in computer science, related field.

• Minimum 3 years of experience in cybersecurity, with at least 2 years in incident response.

• Familiarity with SIEM, SOC as services.

• Familiarity with regulator, NCA , SADIA.

• Familiarity with IT infrastructure.

Key Responsibilities :

• Monitor security alerts and events using SIEM tools and other monitoring systems.

• investigate, triage, and respond to cybersecurity incidents in real-time.

• Coordinate incident response activities across teams and escalate critical event.

• Develop and maintain incident response plans, playbooks, and procedures.

• Generate incident reports and track remediation efforts.

• vulnerability assessments and penetration testing reviews.

• Risk assessment.

• analyze indicators of compromise (IOCs) and perform deep-dive investigations into suspicious activities.

• Work with compliance and audit teams to ensure compliance.

• Managing Firewall Palo Alto, Sophos.

• Protecting AICC local environment.

• Protecting AICC Cloud Azure environment

Qualifications:

• Bachelor’s degree in computer science, related field.

• Minimum 3 years of experience in cybersecurity, with at least 2 years in incident response.

• Familiarity with SIEM, SOC as services.

• Familiarity with regulator, NCA , SADIA.

• Familiarity with IT infrastructure.

Help AG is looking for a talented and enthusiastic individual to join as a Digital Forensic and Incident Response Specialist under the Cyber Defense Department. If you have a strong knowledge and interest in incident response and/or digital forensics, this position might be the right one for you.

The Digital Forensic and Incident Response Specialist will be responsible for leading the Digital Forensics and Incident Response team and performing off-site and on-site Incident Response activities and customer engagements, leveraging multiple security technologies, guiding and leading customers in the handling of Security Incidents and examining IT and security systems using best-practice digital forensic methods to detect, validate and mitigate IT security related incidents.

Responsibilities:

• Lead and mentor the DFIR team and act on daily management tasks.
• Lead and coordinate incident response activities in unknown environments, including triage, containment, eradication, and remediation.
• Conduct in-depth forensic investigations to determine the root cause of security incidents and breaches.
• Develop and maintain standard incident response plans, best practices, policies, and procedures.
• Develop custom incident response plans tied to specific environments and customer situations.
• Collaborate with cross-functional teams, including IT, legal, and management, to ensure a coordinated response to security incidents.
• Examine and analyze logs/data from a broad variety of security technologies, such as but not limited to Antiviruses, IDS/IPS, Firewalls, Switches, VPNs and other security data and log sources.
• Perform forensic analysis of different artifacts including RAM, packet captures, logs and disk images.
• Reverse engineer malicious software and develop signatures and indicators of compromise.
• Actively develop incident response tools, scripts, and various detection content.
• Research Red Team techniques, develop custom detection queries, rules, watchlists and other content, and conduct threat hunts.
• Articulate and execute common Incident Response methods (e.g. SANS).
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Work on-site as required with clients during Live Security Incidents.
• Maintain a high degree of awareness of the current threat landscape.
• Champion excellence and support others in delivering it through active knowledge sharing with team members, writing technical articles for internal knowledge bases, blog posts and reports as required or requested.
• Create and present customer reports to ensure quality, accuracy and value to the client.
• Provide technical expertise and guidance to junior incident response and forensic investigation team members.
• Stay current with industry trends, emerging threats, and best practices in incident response and digital forensics.
• Perform other essential duties as assigned.

Qualifications & Skills:

• A degree in Computer Science, Information Systems, Electrical Engineering or a closely related degree.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience in accountability for and applying the methods of Incident Response, including adherence to process and direct engagement with stakeholders.
• 3+ years of experience in information security, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, malware analysis, reverse engineering or threat detection.
• Demonstrate experience in handling Incident Response engagements (APTs and Ransomware) using the SANS Incident Response method (or similar).
• Strong background or equivalent experience in four of the following: Security Threat and Event Analysis, Network Security Operations or Engineering, Reverse Engineering, Malware Analysis, Windows/Linux/OSX Forensics, Penetration Testing, Active Directory and Azure Administration.
• At least 2-3 years of experience as a Senior or Lead Analyst, or equivalent experience guiding, mentoring and teaching other Analysts/Security Professionals how to handle Security Incidents.
• Knowledge of attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
• CISSP, GCIA, GCIH, GCFA, GCFE, GREM, OSCP certification would be preferable.
• Static reverse engineering and analysis of malware written in different languages (X86/X64/C/C#, Go, etc.), signatures and Yara/Snort/Sigma rules development.
• Demonstrable experience in analyzing and interpreting system, security and application logs.
• Broad knowledge of the type of events that Firewalls, IDS/IPS and other security related devices produce.
• Demonstrable experience in the use of Digital Forensics tools, techniques and concepts including creating and using custom tools and scripts.
• Strong knowledge of Red Team tactics and ability to find adversary traces on Enterprise scale.
• Rapid development in scripting languages: Python/PowerShell/Bash.
• Deep TCP/IP knowledge, networking and security product experience.

Benefits:

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement activities throughout the year.
• Tailored training & development program.

About Us:

Help AG is the cybersecurity arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor agnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Get AI-powered advice on this job and more exclusive features.

Experience Required: Minimum 3 years in DFIR or related cybersecurity role

Employment Type: Full-time

About the Role:

Security Matterz is seeking a skilledDFIR Specialist to join our growing team. In this role, you will be responsible for investigating, analyzing, and responding to complex cybersecurity incidents, as well as conducting digital forensic investigations to support our clients.

Key Responsibilities:

• Lead digital forensic investigations on endpoints, networks, and cloud environments
• Perform incident response activities including containment, eradication, and recovery
• Analyze malware, logs, and artifacts to identify root cause and impact
• Develop and document investigation reports for internal and client use
• Collaborate with SOC, threat intelligence, and other security teams
• Support continuous improvement of DFIR processes, tools, and playbooks

Qualifications:

• Minimum 3 years of hands-on experience in DFIR, cybersecurity investigations, or incident response
• Strong knowledge of forensic tools (EnCase, FTK, X-Ways, Volatility, Autopsy, etc.)
• Experience with SIEM, EDR, and threat hunting tools
• Familiarity with NIST, SANS, and other incident handling frameworks
• Excellent analytical, documentation, and communication skills
• Relevant certifications (GCFA, GCFE, CHFI, CCE, or similar) are a plus

Why Join Us?

At Security Matterz, you’ll be part of a passionate team delivering high-impact cybersecurity services across multiple industries. We value innovation, expertise, and continuous growth.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Design, Art/Creative, and Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Security Matterz by 2x

Get notified about new Digital Specialist jobs in Riyadh, Riyadh, Saudi Arabia .

Riyadh, Riyadh, Saudi Arabia 16 hours ago

Riyadh, Riyadh, Saudi Arabia 20 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from ACWA Power

Incident Response & Forensics Manager (IT & OT) - Saudi Nationals Only

ACWA Power is seeking an experienced Incident Response & Forensics Manager (IT & OT) to lead investigation and response efforts across our global IT infrastructure and industrial control systems (ICS/SCADA).

This is a high-impact role focused on managing major cyber incidents, conducting digital forensics, and ensuring the security of both digital systems and physical OT environments .

What You’ll Be Doing:

• Lead incident response and forensic investigations across IT and OT environments.
• Triage and escalate threats from SIEM, XDR, and threat detection platforms .
• Perform detailed root cause analysis and ensure timely remediation.
• Collaborate with IT, OT, legal, compliance, and external vendors to coordinate investigations and recovery.
• Develop and conduct incident response training and simulation exercises.
• Prepare incident reports for internal stakeholders and regulatory authorities.
• Ensure compliance with frameworks like NIST, ISO 27001, NERC-CIP, and ISA/IEC 62443 .

What You Bring:

• 5+ years in cybersecurity, with hands-on incident response and forensics experience.
• Strong technical knowledge of both enterprise IT and OT systems (SCADA, ICS, PLCs).
• Experience with Splunk , ELK , QRadar , forensic tools, and malware analysis.
• Certifications such as GCIA, GCIH, GCFA, CFCE, CISSP , or GICSP are preferred.
• Exceptional communicator, able to clearly report high-stakes incidents to both technical and business stakeholders.

Why Join Us:

This is your opportunity to secure the future of a company that powers millions across the globe. At ACWA Power, you'll play a mission-critical role protecting some of the most advanced digital and industrial infrastructures in the world.

Refrain from reaching the recruiter, please apply directly.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Services for Renewable Energy

Referrals increase your chances of interviewing at ACWA Power by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Experience Required: Minimum 3 years in DFIR or related cybersecurity role

Employment Type: Full-time

About the Role:

Security Matterz is seeking a skilledDFIR Specialist to join our growing team. In this role, you will be responsible for investigating, analyzing, and responding to complex cybersecurity incidents, as well as conducting digital forensic investigations to support our clients.

Key Responsibilities:

• Lead digital forensic investigations on endpoints, networks, and cloud environments
• Perform incident response activities including containment, eradication, and recovery
• Analyze malware, logs, and artifacts to identify root cause and impact
• Develop and document investigation reports for internal and client use
• Collaborate with SOC, threat intelligence, and other security teams
• Support continuous improvement of DFIR processes, tools, and playbooks

Qualifications:

• Minimum 3 years of hands-on experience in DFIR, cybersecurity investigations, or incident response
• Strong knowledge of forensic tools (EnCase, FTK, X-Ways, Volatility, Autopsy, etc.)
• Experience with SIEM, EDR, and threat hunting tools
• Familiarity with NIST, SANS, and other incident handling frameworks
• Excellent analytical, documentation, and communication skills
• Relevant certifications (GCFA, GCFE, CHFI, CCE, or similar) are a plus

Why Join Us?

At Security Matterz, you'll be part of a passionate team delivering high-impact cybersecurity services across multiple industries. We value innovation, expertise, and continuous growth.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Design, Art/Creative, and Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Security Matterz by 2x

Get notified about new Digital Specialist jobs in Riyadh, Riyadh, Saudi Arabia .

Riyadh, Riyadh, Saudi Arabia 16 hours ago

Riyadh, Riyadh, Saudi Arabia 20 hours ago

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Qiddiya Investment Company is excited to announce an opening for the position of Manager - Security Operations (MAS7-20003640). In this pivotal role, you will be responsible for leading the security operations team to ensure a safe and secure environment for all guests, staff, and assets within our innovative entertainment destination.

As the Manager of Security Operations, you will develop and execute security policies, procedures, and training programs, overseeing their implementation throughout the organization. Your leadership will guide a diverse team of security professionals dedicated to maintaining high standards of safety and security across our operations.

Key Responsibilities:

• Develop, implement, and review comprehensive security plans and protocols in alignment with company objectives.
• Lead, train, and mentor the security team to enforce best practices in security operations.
• Conduct regular security assessments and audits to identify vulnerabilities and implement corrective actions.
• Respond to security incidents and emergencies, coordinating with law enforcement and emergency services as necessary.
• Collaborate with internal departments to create a unified approach to safety and risk management.
• Manage security technology systems, ensuring optimal functionality and integration.
• Prepare and present reports on security operations, incidents, and trends to senior management.
• Ensure compliance with legal standards and regulatory requirements related to security operations.
• Develop and deliver training programs to promote security awareness among staff and stakeholders.

Desired Candidate Profile

• Bachelor's degree in Security Management, Criminal Justice, or a related field.
• At least 5-7 years relevant experience in security management, with a minimum of 3 years in a leadership role.
• Strong knowledge of security operations, risk assessment, and incident management.
• Proficient in the use of advanced security technology and management systems.
• Excellent leadership, communication, and interpersonal skills.
• Ability to analyze security data and prepare comprehensive reports.
• Strong problem-solving skills and the ability to work under pressure.
• Professional certifications in security management (e.g., CPP, PSP) are preferred.

Company Industry

• Entertainment
• Recreation
• Theme Parks

Department / Functional Area

• Data Entry
• Operations
• Back Office Processing

Keywords

• Manager-Security Operations

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

Unipart is proud to support Saudi Arabia’s Vision for 2030, supporting growth and providing opportunities for development and improvement. We would like you to join us as a Security Operations Manager at the Unipart site in SILZ, KSA, reporting directly to the Country Director and forming part of the Group Security Management Team.

As Security Operations Manager you’ll ensure a safe and secure environment for Unipart, its customers, and employees by effectively implementing Unipart's security framework and standards. This involves managing the Unipart site in KSA, proactively reducing risk, and overseeing third-party guarding services to ensure robust protection and adherence to contractual requirements.

As part of your key responsibilities you’ll:

• Assess and identify security risks, developing and implementing corrective action plans to reduce losses from security incidents and claims
• Conduct effective and timely incident investigations in accordance with Security and HR guidelines
• Serve as a direct escalation point for security support, including out-of-hours incidents, and be prepared to respond, manage, and escalate incidents
• Drive positive customer feedback, ensuring security services are seen as a critical business enabler and differentiator
• Manage customer complaints and advise on security issues and measures
• Develop and maintain strong collaborative relationships with internal stakeholders (site management, operations, HR, Legal, Facilities Management, Health & Safety, Data Protection) and external partners (law enforcement, legal/regulatory bodies, third-party guarding providers)

Operational Excellence & Compliance:

• Develop and maintain in-depth site security profiles, including mapping security design and installations and emergency contact lists
• Conduct regular site assessments to identify areas for improvement and cost optimisation, driving innovation and contributing to projects and mobilisations
• Ensure all security operational control processes and procedures are correctly documented and implemented (e.g., Assignment Instructions, SOPs)
• Implement and oversee site Security Risk Classification assessments and Security Audit programs
• Ensure strict compliance with customer contractual requirements and all legislative/regulatory requirements
• Provide direct operational responsibility for managing manned guarding services, ensuring sites are robustly protected and 100% correctly resourced
• Manage day-to-day operational and administration support to external guarding providers
• Collaborate with vendors on SLAs to improve security operational deliverables

Training & Development:

• Assist in the development of security documentation, SOPs, and Assignment Instructions
• Support and deliver relevant security awareness and training programs for all manned guards and internal stakeholders
• Ensure continuous development of team members (if applicable)

Performance Monitoring & Reporting:

• Produce high-quality, succinct progress reports on security risk and incident management
• Provide monthly metrics to management on security incidents and impacting events
• Develop and manage agreed manned guarding KPIs
• Ensure all physical and technological security solutions are adequate and fully functioning
• Safeguard Unipart’s business reputation by maintaining adequate security measures and standards
• Ensure operational sites are correctly risk-assessed and compliant with security auditing standards, compiling corrective action reports for non-compliant sites

About You

We’d love you to have the following skills and experience, but please apply if you think you’d be able to perform well in either of these roles!

• Minimum of 5+ years of demonstrable experience in security risk management
• Strong, effective communication skills (written and verbal) with critical thinking and sound judgment to convey information clearly and justify conclusions
• Excellent organisational skills, strong prioritisation, and the ability to multitask effectively in a fast-paced, collaborative, and independent environment
• Proven ability to perform well under pressure and prioritise workload to meet tight deadlines
• Experience and expertise in dealing with senior stakeholders and their concerns
• Demonstrable experience in conducting in-depth investigations, including identifying and investigating unexplained stock losses through data analysis
• High level of PC literacy, particularly with Microsoft Office and Google applications
• Experience in the application and management of physical/technical security systems to ensure proportionate and cost-effective control measures
• Proven experience in closely delivering effective manned guarding services
• Good numerical and literacy skills
• Proven experience of effectively managing teams and individuals in complex security and risk management environments
• Ability to effectively investigate breaches of policy that may lead to disciplinary action, including conducting in-depth management/personnel investigations
• Excellent presentation skills
• A "Can-Do" attitude with a "growth" mindset and a flexible approach to work
• Preferable minimum 5+ years of experience within Supply Chain Logistics Security
• Strong knowledge of loss prevention strategies, risk management, and security protocols
• Experience working with industry groups such as TAPA, RHA, AEO, C-TPAT, or Aviation Security (CAA)
• Formal certification from professional security bodies (e.g., PSP, CPP, CFI, CSMP)

Unipart House
Garsington Road
Cowley
Oxford
OX4 2PG
Tel: 01865 778966