Find your dream job
Browse thousands of job openings from top companies.
SOC Team Lead – Saudi National Only
Job Title: SOC Team Lead – Saudi National Only
Department: Managed Security Services - Security Operations Center (SOC)
Reports To: Cybersecurity Operations Manager

Purpose
The SOC Team Lead is responsible for leading and supervising Security Operations Center activities within a managed security services environment, ensuring the effective delivery of monitoring, detection, analysis, escalation, incident response coordination, and reporting services to clients. The role is accountable for maintaining operational excellence, ensuring compliance with contractual, regulatory, and internal requirements, and supporting the organization’s managed SOC service objectives in alignment with applicable NCA cybersecurity requirements.

Responsibilities

1. SOC Service Operations
* Lead day-to-day SOC operations to ensure the effective delivery of managed security monitoring and incident handling services to clients.
* Supervise SOC analysts and senior analysts, including shift management, workload distribution, queue monitoring, and quality assurance.
* Ensure timely triage, investigation, escalation, and closure of security alerts, events, and incidents in accordance with defined service levels and internal procedures.
* Maintain SOC runbooks, operational procedures, escalation matrices, and client-specific response playbooks.
* Support the continuous improvement of SOC processes, workflows, service quality, and operational efficiency.

2. Security Monitoring and Detection Management
* Oversee the effective operation of security monitoring technologies, including SIEM, SOAR, EDR/XDR, threat intelligence platforms, and log management solutions.
* Ensure the onboarding, integration, and health monitoring of client log sources, security controls, and telemetry feeds.
* Review and optimize correlation rules, alert logic, and detection use cases to enhance visibility and reduce false positives.
* Ensure monitoring coverage is aligned with client requirements, service scope, and applicable regulatory obligations.
* Validate log quality, retention, integrity, time synchronization, and access controls across monitored environments.

3. Incident Response and Escalation Management
* Lead the coordination of security incident handling activities from detection through analysis, containment, eradication, recovery, and post-incident review.
* Ensure incidents are classified, prioritized, documented, and escalated appropriately based on severity, business impact, and contractual obligations.
* Coordinate with internal teams, client stakeholders, and third parties during major incidents and service escalations.
* Support incident communications, reporting, and service notifications in line with internal standards and client requirements.
* Ensure evidence handling and documentation are maintained in accordance with investigation and compliance requirements.

4. Threat Intelligence and Threat Hunting
* Support the collection, review, and operationalization of threat intelligence to improve detection and response capability.
* Ensure intelligence outputs are translated into actionable use cases, watchlists, alerts, and response measures.
* Lead or support proactive threat hunting activities based on threat trends, indicators of compromise, and attacker tactics, techniques, and procedures.
* Contribute to the development of intelligence-driven detection and service enhancement initiatives.

5. Client Service and Stakeholder Management
* Act as an operational focal point for assigned clients on SOC service delivery matters.
* Support client communications related to service performance, major incidents, escalations, and reporting.
* Ensure client requirements, contractual obligations, and service expectations are understood and reflected in daily SOC operations.
* Contribute to service review meetings, operational reporting, and client satisfaction initiatives.
* Coordinate with internal support teams to address service gaps, operational issues, and improvement opportunities.

6. Team Leadership and Capability Development
* Lead, coach, and mentor SOC personnel to maintain a high-performing and service-oriented team environment.
* Set performance expectations and support ongoing development through feedback, coaching, and training recommendations.
* Conduct regular shift reviews, case quality reviews, and performance follow-up activities.
* Identify capability gaps and support knowledge development across monitoring, investigation, and response functions.
* Promote a culture of professionalism, accountability, collaboration, and continuous improvement.
* Ensure SOC operations are conducted in accordance with internal policies, service standards, contractual obligations, and applicable regulatory requirements.
* Prepare operational dashboards and management reports covering service levels, incident statistics, alert volumes, response times, and performance trends.
* Support internal and external audits, compliance reviews, tabletop exercises, and evidence collection activities.
* Ensure SOC documentation is current, approved, and periodically reviewed.
* Track remediation actions, service improvements, and control gaps identified through operations, audits, and incident reviews.

Qualifications and Experience
* Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
* Minimum of 5 years of relevant cybersecurity experience, including at least 2 years in SOC operations, incident response, or security monitoring leadership.
* Proven experience in a Managed Security Service Provider (MSSP) or managed SOC services environment.
* Strong experience in security monitoring, incident handling, escalation management, and SOC service delivery.
* Good understanding of cybersecurity operations, threat management, and client-facing service environments.
* Knowledge of Saudi cybersecurity regulatory requirements, particularly NCA requirements relevant to security monitoring and incident management.
* Strong communication and reporting skills in English; Arabic is preferred.

Preferred Certifications
* CISSP, CISM, GCIH, GCIA, GCFA
* ITIL Foundation or equivalent service management certification
* Relevant SIEM, SOAR, or vendor-specific security operations certifications are an advantage

Technical Skills
* SIEM administration, content tuning, use case development, and alert tuning
* Incident handling, escalation management, and threat intelligence operationalization
* Log source integration, event correlation, and raw log file analysis
* Endpoint, network, email, identity, and cloud security monitoring
* Reporting, metrics, and SOC operational governance
* Familiarity with DFIR processes, evidence handling, and malware investigations
* Experience with scripting and automation using Python or PowerShell to improve SOC efficiency
* Experience working in a Managed Security Service Provider (MSSP) environment
* Experience with SOAR platforms and security automation workflows
* Knowledge of incident response standards and frameworks such as NIST SP 800-61 and SANS PICERL
* Experience with network security tools, network traffic analyzers, firewall logs, network flows, IDS/IPS, system logs, memory dumps, and vulnerability management tools
* Experience with SIEM platforms, especially Splunk, QRadar, Wazuh, and other enterprise or open-source equivalents
* Previous experience in incident response and threat hunting

Core Competencies
* Leadership and people management
* Client service orientation
* Sound judgment and decision-making under pressure
* Incident communication and stakeholder coordination
* Analytical thinking and problem-solving
* Planning, prioritization, and operational discipline
* Quality focus and attention to detail
* Strong documentation and reporting skills

Key Performance Indicators
* Mean Time to Detect (MTTD)
* Mean Time to Respond / Contain (MTTR)
* SLA compliance for alert triage and incident escalation
* Incident handling quality and reporting accuracy
* Detection use case effectiveness and tuning efficiency
* Reduction in false positive rates
* Log source onboarding and monitoring coverage progress
* Client service quality and operational satisfaction
* Audit and compliance readiness
* Team productivity and capability development
Cyber Security Supervisor
Job Title: SOC Team Lead – Saudi National
Department: Managed Security Services - Security Operations Center (SOC)
Reports To: Cybersecurity Operations Manager

**Purpose**
The SOC Team Lead is responsible for leading and supervising Security Operations Center activities within a managed security services environment, ensuring the effective delivery of monitoring, detection, analysis, escalation, incident response coordination, and reporting services to clients. The role is accountable for maintaining operational excellence, ensuring compliance with contractual, regulatory, and internal requirements, and supporting the organization’s managed SOC service objectives in alignment with applicable NCA cybersecurity requirements.

Responsibilities

1. SOC Service Operations
· Lead day-to-day SOC operations to ensure the effective delivery of managed security monitoring and incident handling services to clients.
· Supervise SOC analysts and senior analysts, including shift management, workload distribution, queue monitoring, and quality assurance.
· Ensure timely triage, investigation, escalation, and closure of security alerts, events, and incidents in accordance with defined service levels and internal procedures.
· Maintain SOC runbooks, operational procedures, escalation matrices, and client-specific response playbooks.
· Support the continuous improvement of SOC processes, workflows, service quality, and operational efficiency.

2. Security Monitoring and Detection Management
· Oversee the effective operation of security monitoring technologies, including SIEM, SOAR, EDR/XDR, threat intelligence platforms, and log management solutions.
· Ensure the onboarding, integration, and health monitoring of client log sources, security controls, and telemetry feeds.
· Review and optimize correlation rules, alert logic, and detection use cases to enhance visibility and reduce false positives.
· Ensure monitoring coverage is aligned with client requirements, service scope, and applicable regulatory obligations.
· Validate log quality, retention, integrity, time synchronization, and access controls across monitored environments.

3. Incident Response and Escalation Management
· Lead the coordination of security incident handling activities from detection through analysis, containment, eradication, recovery, and post-incident review.
· Ensure incidents are classified, prioritized, documented, and escalated appropriately based on severity, business impact, and contractual obligations.
· Coordinate with internal teams, client stakeholders, and third parties during major incidents and service escalations.
· Support incident communications, reporting, and service notifications in line with internal standards and client requirements.
· Ensure evidence handling and documentation are maintained in accordance with investigation and compliance requirements.

4. Threat Intelligence and Threat Hunting
· Support the collection, review, and operationalization of threat intelligence to improve detection and response capability.
· Ensure intelligence outputs are translated into actionable use cases, watchlists, alerts, and response measures.
· Lead or support proactive threat hunting activities based on threat trends, indicators of compromise, and attacker tactics, techniques, and procedures.
· Contribute to the development of intelligence-driven detection and service enhancement initiatives.

5. Client Service and Stakeholder Management
· Act as an operational focal point for assigned clients on SOC service delivery matters.
· Support client communications related to service performance, major incidents, escalations, and reporting.
· Ensure client requirements, contractual obligations, and service expectations are understood and reflected in daily SOC operations.
· Contribute to service review meetings, operational reporting, and client satisfaction initiatives.
· Coordinate with internal support teams to address service gaps, operational issues, and improvement opportunities.

6. Team Leadership and Capability Development
· Lead, coach, and mentor SOC personnel to maintain a high-performing and service-oriented team environment.
· Set performance expectations and support ongoing development through feedback, coaching, and training recommendations.
· Conduct regular shift reviews, case quality reviews, and performance follow-up activities.
· Identify capability gaps and support knowledge development across monitoring, investigation, and response functions.
· Promote a culture of professionalism, accountability, collaboration, and continuous improvement.
· Ensure SOC operations are conducted in accordance with internal policies, service standards, contractual obligations, and applicable regulatory requirements.
· Prepare operational dashboards and management reports covering service levels, incident statistics, alert volumes, response times, and performance trends.
· Support internal and external audits, compliance reviews, tabletop exercises, and evidence collection activities.
· Ensure SOC documentation is current, approved, and periodically reviewed.
· Track remediation actions, service improvements, and control gaps identified through operations, audits, and incident reviews.

Qualifications and Experience
· Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
· Minimum of 3 years of relevant cybersecurity experience, including at least 2 years in SOC operations, incident response, or security monitoring leadership.
· Proven experience in a Managed Security Service Provider (MSSP) or managed SOC services environment.
· Strong experience in security monitoring, incident handling, escalation management, and SOC service delivery.
· Good understanding of cybersecurity operations, threat management, and client-facing service environments.
· Knowledge of Saudi cybersecurity regulatory requirements, particularly NCA requirements relevant to security monitoring and incident management.
· Strong communication and reporting skills in English; Arabic is preferred.

Preferred Certifications
· CISSP, CISM, GCIH, GCIA, GCFA
· ITIL Foundation or equivalent service management certification
· Relevant SIEM, SOAR, or vendor-specific security operations certifications are an advantage

Technical Skills
· SIEM administration, content tuning, use case development, and alert tuning
· Incident handling, escalation management, and threat intelligence operationalization
· Log source integration, event correlation, and raw log file analysis
· Endpoint, network, email, identity, and cloud security monitoring
· Reporting, metrics, and SOC operational governance
· Familiarity with DFIR processes, evidence handling, and malware investigations
· Experience with scripting and automation using Python or PowerShell to improve SOC efficiency
· Experience working in a Managed Security Service Provider (MSSP) environment
· Experience with SOAR platforms and security automation workflows
· Knowledge of incident response standards and frameworks such as NIST SP 800-61 and SANS PICERL
· Experience with network security tools, network traffic analyzers, firewall logs, network flows, IDS/IPS, system logs, memory dumps, and vulnerability management tools
· Experience with SIEM platforms, especially Splunk, QRadar, Wazuh, and other enterprise or open-source equivalents
· Previous experience in incident response and threat hunting

Core Competencies
· Leadership and people management
· Client service orientation
· Sound judgment and decision-making under pressure
· Incident communication and stakeholder coordination
· Analytical thinking and problem-solving
· Planning, prioritization, and operational discipline
· Quality focus and attention to detail
· Strong documentation and reporting skills

Key Performance Indicators
· Mean Time to Detect (MTTD)
· Mean Time to Respond / Contain (MTTR)
· SLA compliance for alert triage and incident escalation
· Incident handling quality and reporting accuracy
· Detection use case effectiveness and tuning efficiency
· Reduction in false positive rates
· Log source onboarding and monitoring coverage progress
· Client service quality and operational satisfaction
· Audit and compliance readiness
· Team productivity and capability development
Business Analyst
A business analyst is required to work with a government company in Riyadh, supporting software and mobile application development projects. This role requires experience in preparing the Business Requirements Document (BRD), Software Requirements Specification (SRS), and User Stories, and in working within the Agile methodology, as well as proficiency in both Arabic and English.

*Key Responsibilities*
• Gather, analyze, and document business and system requirements.
• Prepare the Business Requirements Document (BRD) and Software Requirements Specification (SRS).
• Convert requirements into clear User Stories with acceptance criteria.
• Hold meetings and workshops with stakeholders (in Arabic and English).
• Work closely with the Product Owner, Scrum Master, and development team.
• Participate in Agile meetings (sprint planning, daily meetings, reviews).
• Maintain and refine the Product Backlog.
• Support User Acceptance Testing (UAT) and ensure alignment between business needs and the solutions delivered.

*Requirements*
• Experience in preparing the Business Requirements Document (BRD), Software Requirements Specification (SRS), and User Stories.
• Strong knowledge of the Agile/Scrum methodology.
• Excellent communication and analytical skills.
Cooperative Training Opportunity
Wadi Al-Oqool Company (شركة وادي العقول) announces a cooperative training opportunity for university students in the following majors:
* Information Technology
* Software Engineering
* Or any related major

Training requirements:
* Familiarity with the basics of website design and development
* Good knowledge of HTML, CSS, JavaScript
* Experience with or knowledge of content management systems such as WordPress, or of web development frameworks, is preferred
* Seriousness, a desire to learn, and the ability to work within a team

Training details:
* Training location: On-site (Riyadh)
* Training duration: According to the requirements of the university's academic plan
* Target group: Students in university-approved cooperative training

Apply via this number: 0555610650
Senior Cybersecurity Engineer
Job Overview:
We are seeking a highly experienced and results-driven Senior Cybersecurity Engineer to join our team. The ideal candidate will have deep technical expertise in cybersecurity, along with strong business acumen and a proven ability to support sales activities, engage clients, and deliver tailored security solutions. Previous experience working with large or well-established cybersecurity companies is highly preferred.

Key Responsibilities:
* Design, implement, and maintain advanced cybersecurity solutions aligned with industry best practices and client requirements.
* Conduct security assessments, risk analysis, penetration testing, and vulnerability management.
* Develop and enforce security policies, standards, and procedures.
* Monitor, analyze, and respond to security incidents and breaches.
* Provide technical consultation and cybersecurity expertise during pre-sales and post-sales phases.
* Collaborate with the sales team to present cybersecurity solutions, conduct technical presentations, and support client negotiations.
* Build trust with clients by clearly explaining cybersecurity risks, solutions, and value propositions.
* Stay up to date with the latest cybersecurity threats, technologies, frameworks, and compliance requirements.
* Prepare technical documentation, proposals, and reports for clients and internal stakeholders.
* Work closely with internal teams to ensure successful implementation and delivery of cybersecurity projects.

Required Qualifications & Skills:
* Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (Master’s degree is a plus).
* Minimum of 5–8 years of proven experience in the cybersecurity field.
* Strong hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, EDR, IAM, and cloud security solutions.
* Solid understanding of international security standards and frameworks (ISO 27001, NIST, CIS, SOC, etc.).
* Experience in customer-facing roles, including pre-sales, solution design, and client presentations.
* Strong sales mindset with the ability to influence, persuade, and build long-term client relationships.
* Previous experience working with large or well-known cybersecurity or technology companies is highly preferred.
* Excellent communication, presentation, and negotiation skills.
* Ability to translate complex technical concepts into clear business-oriented language.
* Relevant professional certifications are highly desirable (CISSP, CISM, CEH, Security+, ISO 27001, or equivalent).
* Strong analytical, problem-solving, and decision-making skills.

What We Offer:
* Competitive salary and performance-based incentives.
* Opportunity to work on high-impact cybersecurity projects.
* Professional growth and exposure to enterprise-level clients.
* Dynamic and collaborative work environment.