119 Soc Manager jobs in Saudi Arabia

About Managed Services

Managed Services is a leading cybersecurity company in Saudi Arabia, dedicated to helping businesses protect their digital assets and ensure operational continuity. We provide advanced cybersecurity solutions, managed IT services, cloud security, and infrastructure protection to clients across multiple industries. Our mission is to empower organizations with innovative, reliable, and cost-effective technology solutions.

Position Overview

We're hiring a SOC Manager at Managed Services. You'll manage and mentor the SOC team, improve detection and response, define KPIs/SLAs, and act as the main point of contact for clients and vendors.

Responsibilities

• Team management (Coaching, mentoring and shift management)
• Ensure that the SOC team members are motivated, engaged, and productive. And defined KPIs.
• Identify opportunities for training and improvement for career growth.
• Defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
• Establishing SOC performance goals and priorities
• Improving incident response times
• Reducing false positives and other extraneous alerts
• Enhancing threat detection capabilities
• Apply cybersecurity best practices
• Manage Threat intelligence feeds
• Overseeing the incident response process
• Reviewing incident reports
• Point of Contact (POC) by Communicating with the Client and Management
• Developing plans on how to deal with critical impact attacks
• Supporting external audit requirements and ensure the organizational security controls are appropriate and effective
• Responsible for Vendor management
• Develop and maintain reporting metrics and mechanisms used to execute and measure SOC activities

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or related field.
• 5-8+ years of experience in cybersecurity operations, with 3+ years in SOC leadership.
• Strong knowledge of SIEM, SOAR, EDR, NDR, DLP, and Threat Intelligence platforms.
• Hands-on expertise in incident response, threat hunting, and vulnerability management.
• Familiarity with compliance frameworks: NCA, SAMA, ISO 27001, NIST, PCI-DSS.
• Security certifications such as CISSP, CISM, CISA, GIAC, CEH, or ISO 27001 LA are a plus.
• Proven experience managing KPIs, SLAs, and SOC performance metrics.
• Strong leadership skills: coaching, mentoring, and managing 24/7 SOC operations.
• Excellent communication and stakeholder management skills.
• Fluent in English (Arabic preferred).

• Private Health Insurance
• Paid Time Off
• Training & Development

By contacting us you agree with the storage and handling of your data by this website.

Location

Jeddah

Experience
5+ years

Send Your CV To

Job Description
Job Title: Security Analyst - L3

Experience: 5+ years

Location: Jeddah

Key Responsibility Areas – Security Analyst - L3 – SOC

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.
• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.
• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.
• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.
• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.
• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.
• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.
• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.
• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Apply Now

Location

Jeddah

Experience
5+ years

Send Your CV To

Job Description

Job Title: Security Analyst - L3

Experience: 5+ years

Location: Jeddah

Key Responsibility Areas – Security Analyst - L3 – SOC

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.

• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.

• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.

• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.

• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.

• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.

• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.

• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.

• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Location

Jeddah

Experience

5+ years

Send Your CV To

By contacting us you agree with the storage and handling of your data by this website.

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.
• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.
• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.
• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.
• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.
• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.
• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.
• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.
• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Role Purpose:

To support the organization's Governance, Risk, and Compliance (GRC) cybersecurity framework by implementing, monitoring, and reporting on cybersecurity initiatives, ensuring alignment with Saudi regulatory requirements and internal policies. The role focuses on managing cybersecurity risks, compliance, and governance activities to strengthen the organization's security posture.

Key responsibilities:

• Assist in the development, implementation, and maintenance of the organization's cybersecurity governance framework in alignment with Saudi cybersecurity regulations.
• Support the identification, assessment, and mitigation of cybersecurity risks as part of the enterprise risk management process.
• Monitor compliance with cybersecurity policies, frameworks, and standards, providing regular updates to the Head of GRC and Cybersecurity.
• Coordinate and support internal and external cybersecurity audits and regulatory assessments.
• Conduct periodic risk assessments and ensure that gaps are documented and addressed through actionable plans.
• Maintain the cybersecurity risk register and track the status of mitigation actions.
• Support the development and delivery of cybersecurity awareness programs for all employees.
• Monitor security incidents and collaborate with IT and third-party vendors for timely response and remediation.
• Assist in managing third-party risks by ensuring vendors comply with the organization's cybersecurity requirements.
• Prepare regular reports on cybersecurity risks, compliance status, and performance metrics for leadership and board-level committees.
• Stay updated on emerging cybersecurity threats and regulatory changes to recommend proactive measures.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Security, Information Technology, or a related field.
• Preferably one or more of the following certifications or similar in Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISO 27001 Lead Implementer or Auditor and Certified in Risk and Information Systems Control (CRISC).
• Proficiency in Microsoft Office Suite Word, Excel, PowerPoint, and Outlook.
• Exceptional written and verbal communication skills in both English and Arabic.
• 3-4 years of experience in cybersecurity governance, risk, and compliance.

We are seeking a dynamic and experienced cybersecurity professional to join our Security Operations Center (SOC) team. If you're a Saudi national passionate about cybersecurity, incident response, and threat intelligence, this is your opportunity to make a national impact.

Location: Saudi Arabia

Position: Senior Security Analyst

Preference: Saudi nationals

Department: Security Operations Center (SOC)

Key Responsibilities

• Monitor and analyze security technologies such as IDS/IPS, Firewalls, VPNs, and Switches.
• Investigate and respond to security incidents using SIEM and XDR tools.
• Develop and implement incident response procedures within defined SLAs.
• Perform threat hunting, forensic log analysis, and generate quality security reports.
• Work closely with internal teams and clients to resolve and document incidents.
• Mentor junior analysts and contribute to team knowledge-sharing.
• Create and maintain technical documentation and threat intelligence reports.
• Develop SIEM content, drive automation (SOAR), and contribute to continuous improvement.
• Engage in on-site incident response activities when needed.

Qualifications & Skills

• Minimum 4+ years of cybersecurity experience.
• Bachelor's or Master's degree in Cybersecurity, IT Security, or a related field.
• Hands-on experience with XDR, SIEM platforms (Splunk, ArcSight, QRadar, LogRhythm), and incident handling.
• Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and network protocols (TCP/IP).
• Preferred certifications: OSCP, CISSP, CCIE, GCIH, GCIA, etc.
• Ability to analyze and interpret logs from various system and security sources.
• Fluent in English; Arabic is a plus.
• Strong communication, leadership, and mentoring abilities.

Why Join Us?

• Be a part of a critical national SOC team protecting vital infrastructure and enterprise networks.
• Work with advanced threat detection tools and contribute to real-time security defense.
• Collaborate with top-tier cybersecurity professionals and grow in a high-impact environment.

Interested candidates (Saudis preferred) can apply now or send their CV to () with the subject line:

Application – Senior Security Analyst – Saudi Arabia

Job Type: Full-time

Pay: From ﷼5,000.00 per month

Application Question(s):

• Current Salary per month in SAR
• Expected Salary per month in SAR
• Nationality
• Notice Period
• Current Location

Experience:

• SOC: 3 years (Required)

Location:

• Jeddah (Required)

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

The SOC L1 team plays a critical role in maintaining the security posture of an organization and protecting it from cyber threats.

Duties and Responsibilities:

• Performing initial analysis on true positive alerts to determine root cause and impact.
• Undertake first stages of false positive and false negative analysis.
• Generate weekly reports from SIEM platform and send it to L2 SOC analysts for review
• Track and update incidents and requests based on client’s updates and analysis results
• Escalate validated and confirmed incidents as per escalation procedures.
• Collection of necessary logs that could help in the incident containment and security investigation
• Acknowledge, analyze and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Acknowledge, analyze and validate incidents triggered from correlated events through SIEM solution.
• Other duties related to the position

• Bachelor's degree in Cyber Security, Computer Science, or any IT-related field
• 0-2 years of experience, fresh graduates are welcome to apply

Minimum two of the below Certificates:

• Security+
• CEH
• eLearnSecurity Certified Incident Responder
• EC-Council Certified Security Analyst

Our Culture:

At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging culture centered around collaboration and innovation. If you are looking for a role where you can enhance engagement and excellence across teams through commitment and collaboration, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.

Our Code of Conduct:

We strictly adhere to our code of conduct, which serves as a moral compass, providing a framework for responsible behavior and ethical decision-making. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across all countries we operate in. All employees review, understand, and adhere to this code annually, including new hires during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate the SIEM system, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
2. Develop and deploy new content (use-cases) on SIEM solutions based on business or threat requirements, with the engineering team's support.
3. Conduct breach and investigative analysis to trace activities related to advanced threats.
4. Investigate and escalate complex or high-severity security threats or incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Perform threat hunting to identify emerging threat activities across internal and external sources.
9. Coordinate evidence gathering, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Develop operational and executive reports.
14. Analyze security events to verify incidents, assessing their impact and risk to clients.
15. Prepare incident analysis reports and coordinate responses with relevant teams.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Provide data support for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring and analysis platforms and related technologies.
• Excellent analytical and problem-solving skills.
• Advanced knowledge of SIEM/ SOAR technologies for event investigation.
• Strong understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.

Level 1 SOC Analysts onsite in Saudi Arabia

Level 1 SOC Analyst – Saudi Arabia

Job Role / Experience and Responsibilities :

• Incident management, call logging and assignment
• Basic troubleshooting and user assistance. 24*7 Monitoring and Analysis of Security Events received through SIEM security appliances.
• Prioritizing and allocating Security devices onboarding service requests for fulfilment
• Knowledge in SIEM tool, Splunk, NetIQ, CCNA, CCSP, QRadar (6-12 months + experience)
• Assign trouble tickets to self and provide first call resolution to know issues.
• Escalate the trouble tickets to level 2 & 3 engineers as per SLA
• Update customers on status of incident resolution as per SLA
• Participate in a 24x7 call-out ROTA as per the shift schedule
• Activities during the operation support can include assisting customer team in any of the following areas:
• Continuously monitoring SOC tools for alerts and security incidents
• 24x7 Security Monitoring the threat detection capabilities
• Classifying incidents into appropriate categories

If your interested please send your CV and we will call you to discuss.