Senior L1 Cyber Security Analyst

Job Purpose

Contributes to the execution of the 24x7 security event management procedures in SOC and assists to the development of new use cases and content to improve threat detection and incident response for OBRELA MDR Clients.

Accountabilities

• Real-Time Event & Log monitoring and analysis using leading SIEM Technologies.
• Escalation to Level 2 Analysts for incident response.
• Follow & ensure the Event Management processes according to MSS practices to provide support to other L1 analysts to their 24x7 operations.
• Performs threat hunting by analyzing and researching the techniques, tools and processes used by threat actors to guide threat containment or threat prevention and minimize risk for our clients.
• Management of the following Daily Trackers with association of L2 Analysts.
• Provide the On Call Support when available in shifts to L1 Analysts and in case for any case creation review the case template quality.
• Perform the Risk Analysis for Obrela Riyadh SOC and their Clients.
• Work as a L1 SPOC with L2 Analysts for any support required to L1 teams (Schedule Training, Content Improvement, Use Case Finetuning).
• Handle NCA/SAMA Advisories and assist L1 Analysts to export the logs and L2 Analysts to analyze and review Bi-Weekly Analyst performance with focus to improve performance.
• Case Templates Review & Enhancements & Creating Playbooks for L1s if required.
• Contributes to client training to provide successful end users familiarization to OBRELA’s MDR services if required.
• Coordinates, coaches, and motivates part of the L1 analysts’ team, through the appropriate on the job training, development, feedback about performance to ensure that L1 analysts have the appropriate knowledge, skills and support that will help them perform effectively and contribute to the achievement of the department’s desired short and long-term objectives.
• Support in building and organizing the Forensic, UAT environment including Sandbox & Malware Analysis capabilities with hands on Practice for yourself including the team.

Education & Qualifications:

• Bachelor's degree in Computer Science
• Master’s degree in information security is desired
• Industry Certifications such as GCIH, GCIA, CEH, CHFI, CISSP, GCFA, GREM is desired

Work Experience

• 2+ years of experience in the information security industry including SOC operations.
• Demonstrated experience with operations using a SIEM solution.
• Prior hands-on experience within a technical IT Security position (e.g. network/IT security engineer, penetration testing, technical advisor etc.) is desired.
• Demonstrated experience in one or more of the following fields will be considered a strong plus: Incident Response, Threat Intel, Forensics, Malware Analysis.

Benefits

• Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
• Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training.
• Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds.
• A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding effοrts. Our salaries and benefits package will keep you motivated throughout your career.