Threat Detection Engineer📣 إعلان

About the Role

COGNNA is seeking a Threat Detection Engineer to join its team in Riyadh. This full-time position involves designing and implementing advanced threat detection strategies, building automation, and enhancing Security Operations Center (SOC) capabilities. The role also includes mentoring junior talent and collaborating with various security teams.

Advanced Threat Detection Engineering

In this capacity, you will be responsible for developing high-fidelity correlation rules and behavioral detections within COGNNA's security platforms. This involves translating adversary tactics, techniques, and procedures (TTPs) based on frameworks like MITRE ATT&CK, alongside threat intelligence and vulnerability data, into actionable detection logic. You will also identify gaps in current detection capabilities and integrate new data sources to address evolving threat landscapes, while automating detection testing to maintain ongoing quality.

Platform Engineering and Optimization

This role requires leading the architecture and optimization of Extended Detection and Response (XDR), Security Information and Event Management (SIEM), and other SOC technology stacks to ensure scalability and resilience. Responsibilities include streamlining log ingestion pipelines, from parsing to normalization and enrichment. You will also build scripts and automations, primarily using Python and PowerShell, to improve SOC efficiency and integrate various tools across the SOC stack to facilitate seamless workflows and response actions.

Threat Hunting and Incident Response Support

Collaboration with threat intelligence and incident response teams is a key aspect of this position. You will work to enrich detection use cases and provide support for threat hunting activities. Additionally, you will offer Tier-3+ support for incident investigations and contribute to post-mortem analysis to identify lessons learned and improve future responses.

SOC Maturity and Compliance

This role involves improving SOC playbooks, standard operating procedures (SOPs), and detection engineering workflows. You are expected to stay informed about global and regional threats and adapt detection strategies accordingly. Ensuring compliance with relevant standards, such as NCA ECC and SAMA CSF, is also a responsibility.

Work Environment and Growth

The position is based in our Riyadh office, fostering on-site collaboration with experts. COGNNA offers opportunities for continuous growth through access to certifications and training programs. The company operates with a culture of trust, empowering talent and encouraging ownership, with potential for employees to grow with the company's success through its ESOP program. This role requires 0-1 years of experience.