SOC Analyst/Engineer - KSA

Essential Duties and Responsibilities

• Monitor COMPANY network proactively from the Cyber-Security perspective, using existing Cyber-Security tools provided by the COMPANY.
• Supporting and cooperating with On-Site COMPANY workers or hired under other CONTRACTOR who is administrating the tools.
• Observe, Detect, Analyze, Investigate, and Report any malicious Cyber Security event.
• Use the COMPANY Service Desk system to Raise the incident and assign it to the concerned team to track and document the resolution of any Cyber-Security observations.
• Ensure all open incidents are closed ontimely manner.
• Provide analysis along with recommendations for each and every incident to help systems administrators take the required actions.
• Monitor inbound email traffic, report any suspicious, analyze, and release quarantined emails.
• Monitor outbound email traffic, report any suspicious, detect and report any DLP incident.
• Monitor web traffic and report any suspicious.
• Analyze cybersecurity breaches and provide root cause analysis reports.
• Monitor Firewall, IDS, Anti-virus and Operating System logs, and any other sources of security events and report any suspicious.
• Monitor SIEM events and logs closely, report any suspicious and recommend actions, develop and implement new use cases.
• Ensure continuous improvement to the security posture by recommending better policies and processes to be defined.
• Ensure to achieve compliance with standards and regulations such as NIST and NCA and other COMPANY standards.
• Raise IMR (Incident Management Report) whenever a Cyber-Security incident needs to be deeply investigated.
• Follow the Escalation Matrix in case the Cyber-Security incident needs to be escalated.
• Review & update SOP (Standard Operating Procedure) on a quarterly basis.