SOC/MDR Analyst (Tier 2/3) - Global Management Consultancy
Riyadh, Saudi Arabia - Immediate starters - Extendable contract
We are seeking an experienced SOC/MDR Analyst at Tier 2/3 level to join our client's SOC team in Riyadh. This role will play a critical part in their cybersecurity operations by monitoring, detecting, investigating, and responding to cyber threats using advanced security tools and methodologies.
The ideal candidate will have in-depth, hands-on experience with EDR, NDR, SIEM, and SOAR tools and will be accustomed to high-intensity environments, preferably with prior experience in a Managed Security Service Provider (MSSP) context.
Key Responsibilities:
- Threat Monitoring and Detection: Continuously monitor security alerts and incidents via EDR, NDR, SIEM, and SOAR systems to identify potential threats and vulnerabilities.
- Incident Investigation and Response: Perform in-depth analysis and triage of security incidents to assess scope, impact, and urgency, and execute appropriate response actions.
- Threat Intelligence and Reporting: Collaborate with the Threat Intelligence team to leverage current threat intel in incident handling, and produce actionable reports for stakeholders.
- Automation and Process Optimization: Utilize SOAR capabilities to automate and improve incident response workflows, minimizing manual interventions and reducing response time.
- Collaboration and Escalation: Work closely with Tier 1 analysts to provide guidance and support, and escalate incidents to higher tiers when necessary.
Candidate Requirements:
- Experience: Minimum of 4-5 years in a SOC/MDR environment, with significant Tier 2/3 experience.
- Technical Proficiency: Hands-on expertise in using EDR, NDR, SIEM, and SOAR tools for threat detection, analysis, and response.
- Industry Background: Experience in a Managed Security Service Provider (MSSP) setting is preferred.
- Analytical Skills: Strong ability to assess, analyze, and correlate data to make rapid and accurate decisions during incidents.
- Certifications: Relevant industry certifications such as CISSP, CISM, CompTIA CySA+, or similar are a plus.