What is the salary for this Senior SOC Analyst role?

Salary information is not publicly listed for this position. Apply directly to discuss compensation with Salla.

Where is this Senior SOC Analyst position located?

This is an on-site position at Salla located in Jeddah, Makkah Province, Saudi Arabia, Middle East.

How do I apply for this Senior SOC Analyst job at Salla?

Click the 'Apply' button on this page to be redirected to Salla's application portal. Make sure to have your resume ready and tailor your application to highlight relevant experience.

Salla is actively hiring for Security roles. Visit the company page to see all open positions and learn more about working at Salla.

Senior SOC Analyst

Salla Jeddah, Makkah Province, Saudi Arabia 4 days ago

security

About the role
We are looking for a Senior SOC Analyst to lead advanced security monitoring, investigation, and response across our cloud, endpoint, network, and edge environments. This role sits at the L2/L3 level and plays a critical part in incident escalation, detection engineering, and strengthening our overall security posture. You will also act as a mentor to junior analysts and collaborate closely with security, cloud, and engineering teams.

Key responsibilities

Perform advanced L2/L3 alert triage and investigations across endpoint, network, cloud, and edge security platforms
Lead investigations using SIEM tools to validate incidents, reduce noise, and determine impact
Analyze and respond to edge security events including WAF, DDoS, bot activity, and Zero Trust alerts
Act as an escalation point for confirmed incidents and support containment and response actions
Conduct root cause analysis and threat investigations, identifying attacker behavior and scope of impact
Design, tune, and maintain detection rules and logic across SIEM platforms
Improve detection coverage by aligning rules with the MITRE ATT&CK framework
Mentor and guide junior SOC analysts and contribute to skill development across the team
Help build and maintain investigation playbooks and incident response runbooks
Collaborate with SOC leadership, Cloud Security, and DevOps teams to improve security controls and visibility

What success looks like

Security alerts are accurately triaged with reduced false positives and faster response times
Incidents are thoroughly investigated with clear root cause analysis and actionable remediation
Detection coverage improves continuously across cloud, endpoint, and edge environments
Junior analysts demonstrate stronger investigation and escalation capabilities
Cross-functional teams are supported with clear, timely security insights and recommendations

Requirements

5+ years of experience as a SOC Analyst (L2/L3)
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience
Hands-on experience with SIEM platforms (Splunk, Graylog, or similar)
Experience performing alert triage, incident investigation, and escalation
Strong knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS, BGP)
Experience analyzing AWS security logs (CloudTrail, CloudWatch, VPC Flow Logs)
Experience with container and Kubernetes runtime security (Kubernetes, Amazon EKS)
Hands-on experience with Cloudflare security tools (WAF, DDoS, Bot Management, Zero Trust)
Strong understanding of IDS/IPS, firewalls, proxies, and DLP technologies
Experience conducting root cause analysis and post-incident reviews
Familiarity with MITRE ATT&CK framework and NIST incident response standards
Experience developing and tuning SIEM detection rules
Knowledge of scripting or automation (Python, PowerShell, or Bash)
Foundational understanding of AI/ML security concepts and LLM-related risks
Strong analytical, investigation, and incident handling skills
Ability to communicate technical findings to non-technical stakeholders
Relevant certifications preferred (GCIA, GCIH, CompTIA CySA+, AWS Security Specialty)