86 Threat Management jobs in Saudi Arabia

Our client is currently hiring for a Cyber Security SIEM Arcsight Administrator.

Manage and Maintain ArcSight Infrastructure

Manage the installation, configuration, and overall health of ArcSight components, including ESM, Logger, Connectors, and ArcMC. Plan and execute updates, patches, and system upgrades to ensure platform stability and security.

• Log Source Integration

Onboard and maintain log sources to ensure consistent event collection, and developing FlexConnectors for unsupported log sources.

• Troubleshooting and Issue Resolution

Identify and resolve issues related to event flow, dropped logs, or parsing errors.

• System Monitoring

Monitor performance, availability, and event flow across the ArcSight environment.

• Security Event Management

Support the SOC by ensuring accurate and timely event logging, correlation, and alert generation. Assist the remote SOC team by addressing queries related to log data and on-site activities as required

Participating in incident as SOC member and providing the log details

• Connector Administration

Manage SmartConnectors, including troubleshooting caching and event drop issues, optimizing performance.

• Compliance and Audit Support

Ensure log retention and access controls align with internal policies and regulatory requirements.

• Access and Role Management

Implement and manage user roles and permissions within the SIEM environment.

• Documentation and Reporting

Maintain system documentation and generate operational and compliance reports as required.

Robust knowledge of Cybersecurity regulations, standards and controls.

Fluent in Cyber Incident Detection, Response and Management

Strong understanding of ICT, including Hardware, Software and Networks.

Expertise in preparing and analyzing Cybersecurity reports.

Experience in ICT / Cybersecurity Audit / Compliance / Regulatory discussions Professional Certification: Security+, CCNA or CCNP - NSE4A

collaborative team player who fosters a culture of continuous improvement and empowers team members to achieve their best.

An individual with a strong commitment to quality, accountability, and ethical practices in project and change management.

A candidate with a passion for mentoring and developing talent within the information and cyber security management functions.

Fluent in Arabic and English languages

Requirements

Bachelor's degree in Computer Science, Information Security, or related field.

The candidate must have extensive experience in incident handling and reporting (at least 3 years in a similar role).

Professional certifications related to incident response is preferable.

Strong analytical and problem-solving skills.

Knowledge of network security zones, Firewall configurations, IDS policies.

Knowledge of systems communications from Layer 1 to 7.

Experience with Systems Administration, Middleware, and Application Administration.

Experience with Network and Network Security tools administration.

In-depth experience with log search tools and usage of regular expressions.

In-depth knowledge of packet capture and analysis.

Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).

Ability to create a containment strategy and execute it.

Company Industry

• IT - Software Services

Department / Functional Area

• IT Software

Keywords

• Cyber Security Analyst

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

Provide 24x7 monitoring (shift based), analysis and alerting of IT Security events and incidents.

Analyze security events to verify incidents and their potential impact and risk to the clients.

Create tickets for incident alerts and prioritize, correlate, and analyze events and incidents.

Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents

Analyze recurring incidents and performance of existing systems, processes, people and ensure corrective actions are taken.

Proactive monitoring and respond to known and emerging threats against the network.

Whitelist and fine-tuning content (use-cases) on SIEM solution.

Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources

Perform complex data analysis in support of security event management.

Conducting detailed & comprehensive investigation and triage on wide variety of security events and implement cleanup and remediation processes.

Participation on Incident Response that includes root cause and lessons learned.

Participation in the development of new logic and analytical capabilities.

Desired Candidate Profile

3+ years experience in SOC operation or with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.

Excellent security data analytical and problem-solving skills.

Good knowledge and expertise of using SIEMSOAR technologies for event investigation

Demonstrated experience with a wide variety of security logs to detect and resolve security issues.

Demonstrated success as a member of a highly collaborative team.

Excellent written and oral communication skills

Good understanding of the incident response process

Company Industry

• IT - Software Services

Department / Functional Area

• Guards
• Security Services

Keywords

• L2 Security Analyst

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

Join our Saudi Arabia EMEA Regional Cybersecurity and Technology controls team to navigate complex risk landscapes and fortify technology governance, regulatory compliance making a pivotal impact in our firm's robust risk strategy.

As an Information Systems Security Officer Analyst in our cybersecurity tech controls team, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Regulatory Compliance in line with the firm's standards and country specific requirements. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement and performs effective controls, regulatory compliance assessments, risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm’s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards.

Job responsibilities

• Assess and monitor technology risks, ensuring compliance with firm standards, Saudi Arabia regulatory requirements, and industry best practices
• Support regulatory audits.
• Support the implementation of effective controls in collaboration with cross-functional teams and stakeholders.
• Manage review of application and Technology infrastructure in accordance with regulatory requirements.
• Drive security into local projects.
• Execute and evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firm’s risk posture
• Analyse complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures

Required qualifications, capabilities, and skills

• Bachelor´s degree information security or related fields.
• Knowledge in risk identification, assessment, and control evaluation, with a strong understanding of industry standards.
• Ability to analyse complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders.
• Knowledge of risk management frameworks, regulations, and industry best practices
• Excellent proven problem-solvingand troubleshooting skills.
• Good interpersonal skills.
• Fluent in writing, speaking, and listening in English
• Ability to handle multiple issues through channels like intake portal, symphony, and emails.
• Ability to document business processes and flows.
• Ability to work with technology teams to integrate systems into business operations and services.
• General knowledge about Cloud (AWS, Azure, GAIA etc.)

Desired qualifications will be a plus ,

• CISM, CRISC, CISSP, or other industry-recognized risk and risk certifications preferred

The Cyber Analyst performs real-time event and incident management processes within the SOC, including internal security incident evaluation and response, following established guidelines and policies.

1. Monitor and analyze events and logs in real-time using leading SIEM technology.
2. Identify security incidents and conduct first-level investigations.
3. Escalate incidents to Level 2 Analysts for further response.

• Bachelor's degree in Computer Science or a relevant field.
• Master's degree in Information Security is preferred.
• Ability to work on a flexible, rotational 24x7x365 schedule.
• Strong ability to follow processes, procedures, and prioritize tasks.
• Knowledge of modern attack techniques and awareness of current threat landscape is preferred.
• Understanding of TCP/IP, Linux, Windows infrastructures, and basic network security concepts.
• Excellent communication skills in English, both verbal and written.
• Strong analytical and troubleshooting skills within short timeframes.
• Prior experience with SIEM/log analysis is not required but will be considered a plus.

• Dynamic, respectful environment that values individuals and supports work/life balance.
• Continuous coaching with theoretical and hands-on training.
• Opportunities for international career development and collaboration with diverse teams.
• Competitive compensation package based on experience and qualifications, with a focus on rewarding effort.

Administration, management, configuration, testing, and integration tasks related to the SIEM system focusing primarily on content development to include reports, dashboards, real-time rules, filters, and channels.

Develop and deploy new content (use-cases) on SIEM solution, in respect to business or emergency threat requirements with the assistance of the engineering team.

Conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats

Perform investigation and escalation for complex or high severity security threats or incidents

Serve as an escalation resource and mentor for other analysts

Work with SIEM Engineering and other security partners developing and refining correlation rules

Maintain expert knowledge of advanced persistent threats tools, techniques, and procedures (TTPs) as well as forensics and incident response practices.

Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources

Coordinate evidence/data gathering and documentation and review Security Incident reports

Assist in defining and driving strategic initiatives

Create and develop SOC processes and procedures working with Level 2 and Level 1 Analysts

Provide recommendations for improvements to security Policy, Procedures, and Architecture based on operational insights

Define and assist in creation of operational and executive reports

Analyze security events to verify incidents and their potential impact and risk to the clients.

Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents.

Provide support in the log integration activities and elimination of false positives.

Provide support during incident containment, investigation, eradication, and recovery.

Support with data required for generating SOC reports and metrics.

Monitor for false positive events and coordinate with engineering team to rectify them.

Analyze recurring incidents and performance of existing systems, processes, and people and ensure corrective actions are taken.

Support with data required for generating SOC reports and metrics.

Support in documenting new playbooks and updating existing ones

Desired Candidate Profile

• 5+ years experience in SOC operations, monitoring and event analysis.
• Expertise in Security monitoring & analysis platforms, and related technologies.
• Excellent analytical and problem-solving skills
• Advanced knowledge and expertise of using SIEMSOAR technologies for event investigation
• Strong understanding of incident handling/incident response techniques
• Extensive experience in Incident Response, Incident Handling and Security Operations

Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at

The Cyber Analyst performs real-time event and incident management processes within the SOC, including internal security incident evaluation and response, following established guidelines and policies.

1. Monitor and analyze logs in real-time using leading SIEM technology.
2. Identify security incidents and conduct first-level investigations.
3. Escalate incidents to Level 2 Analysts for further response.

• Bachelor's degree in Computer Science or a related field.
• Master's degree in Information Security is preferred.
• Ability to work on a flexible, rotational 24x7x365 schedule.
• Strong adherence to processes, procedures, and task prioritization.
• Knowledge of attack techniques and current threat landscape is desirable.
• Understanding of TCP/IP, Linux, Windows infrastructures, and basic network security concepts.
• Excellent communication skills in English.
• Analytical and troubleshooting skills for quick resolution.
• Prior experience with SIEM/Log Analysis is a plus but not required.

The Cyber Analyst performs real-time event and incident management processes within the SOC, including internal security incident evaluation and response, following established guidelines and policies.

1. Monitor and analyze events and logs in real-time using leading SIEM technology.
2. Identify security incidents and conduct first-level investigations.
3. Escalate incidents to Level 2 Analysts for further response.

• Bachelor's degree in Computer Science or a relevant field.
• Master's degree in Information Security is preferred.
• Ability to work on a flexible, rotational 24x7x365 schedule.
• Strong ability to follow processes, procedures, and prioritize tasks.
• Knowledge of modern attack techniques and awareness of current threats (desired).
• Understanding of TCP/IP, Linux, Windows infrastructures, and basic network security concepts.
• Excellent communication skills in English, both verbal and written.
• Analytical and troubleshooting skills capable of handling issues within short timeframes.
• Prior experience with SIEM/Log Analysis is not required but considered a plus.

• Dynamic, respectful environment that values work/life balance and supports initiatives.
• Continuous coaching with theoretical and hands-on training.
• Opportunities for international career growth and collaboration with diverse cultures.
• Competitive compensation package based on experience and qualifications, with a focus on rewarding effort.