SOC Analyst L3 Job Ad

| Contract Type | Full-time |
| Workplace type | On-site |
| Location | Riyadh |
Job Description
About the Role
Zoho is seeking a skilled SOC Analyst L3 to join its team in Riyadh. This full-time position is integral to maintaining and enhancing Zoho's security operations and calls for extensive experience in advanced security analysis and incident response.
Core Responsibilities
The SOC Analyst L3 will serve as the primary technical escalation point for complex and high-severity security incidents. This role involves leading the entire incident response lifecycle, from initial investigation and containment through eradication and recovery. Advanced threat hunting across endpoints, networks, cloud platforms, email, and log data is a key function. The analyst will also conduct in-depth malware analysis, memory forensics, and detailed log analysis.
Security Operations Enhancement
A significant aspect of this role involves driving SOC maturity improvements by planning and running Purple Team exercises. The analyst will be responsible for threat intelligence enrichment, correlating Indicators of Compromise (IOCs), and producing intelligence reports. Coordination with IT, GRC, and senior management during major incidents is essential. The role also includes providing advanced training and mentorship to L1 and L2 analysts, and leading Root Cause Analysis (RCA) and Post-Incident Review (PIR) processes.
Detection and SIEM Management
This position requires the evaluation and recommendation of new SOC technologies, tools, and integrations. The analyst will design, build, and maintain SIEM detection use-cases mapped to the MITRE ATT&CK framework. Enhancing and tuning existing detection rules to improve accuracy and reduce false positives is a continuous responsibility. The role also involves assessing detection gaps, ensuring proper visibility across all critical log sources, and validating the onboarding of new log sources to confirm correct normalization and parsing.
Collaboration and Workflow Development
The SOC Analyst L3 will work with threat intelligence teams to integrate new IOCs, behavioral patterns, and detection logic. Developing detection roadmaps and continuously improving SIEM coverage are key objectives. The analyst will also develop correlation rules, dashboards, and automated workflows. Collaboration with infrastructure teams is necessary to ensure that required logs from sources such as EDR, firewalls, cloud services, proxies, email, and applications are feeding into the SIEM. Periodic tuning sessions will be held to improve alert fidelity and overall SOC efficiency.
Qualifications
Candidates should have 5-10 years of relevant experience in security operations and incident response. A strong understanding of SIEM technologies, threat hunting methodologies, malware analysis, and forensic techniques is required. Experience with Purple Team exercises and a solid grasp of frameworks such as MITRE ATT&CK are essential.
Requirements
- Requires 2-5 years' experience