Security Operation Center (SOC) Analyst L2

We are looking for a Security Operation Center (SOC) Analyst L2 to join our team in Jeddah, Saudi Arabia. As a SOC Analyst L2, you will be responsible for monitoring and analyzing security events and incidents, and providing effective response and remediation. You will play a crucial role in ensuring the confidentiality, integrity, and availability of our organization's information assets.

Responsibilities:

Provide investigation for escalated security incidents.

Check for false positive & duplicates.

Provide communication and escalation throughout the incident per the CSIRT guidelines.

Communicates directly with data asset owners and business response plan owners during high severity incidents.

Hunting for suspicious anomalous activity based on data alerts or data outputs from various toolsets.

Perform analysis of log files to collect more contextual information in order to triage the security threat.

Provide forensics analysis and investigation.

Drives containment strategy during data loss or breach events.

Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs).

Works directly with data asset owners and business response plan owners during high severity incidents.

Provide tuning recommendations to administrators based on findings during investigations or threat information reviews.

Collect contextual information and pursue technical root cause analysis and attack method analysis.

Make content determination to treat the alert as a security incident and assign a severity level.

Requirements:

Bachelor's degree in Computer Science, Information Security, or related field.

The candidate must have extensive experience in incident handling and reporting (at least 3 years in a similar role).

Professional certifications related to incident response is preferable.

Strong analytical and problem solving skills.

Knowledge of network security zones, Firewall configurations, IDS policies.

Knowledge of systems communications from Layer 1 to 7.

Experience with Systems Administration, Middleware, and Application Administration.

Experience with Network and Network Security tools administration.

In-depth experience with log search tools and usage of regular expressions.

In-depth knowledge of packet capture and analysis.

Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat).

Ability to make create a containment strategy and execute it.