Security Specialist (Soc Analyst)

Overview Position Overview

The Security Specialist (SOC Analyst) is responsible for the administration, monitoring, and enforcement of the organization’s information security policies and practices. This role ensures that information assets remain protected in terms of confidentiality, integrity, and availability, while authorized users can readily access the information they need. The SOC Analyst will play a key role in incident detection, response, threat hunting, vulnerability management, and ensuring compliance with cybersecurity standards.

Responsibilities

Service Management & Operations : Draft, maintain, and enforce policies, standards, procedures, and documentation for security.

Monitor compliance with security operations procedures and investigate actual / potential security breaches.

Ensure timely and thorough investigations of incidents, implementing corrective measures.

Maintain accurate and complete records of security operations.

Plan and implement security changes required to maintain organizational defenses.

Strategy & Risk Management : Conduct risk assessments, vulnerability assessments, and business impact analyses for applications and systems.

Provide expert advice on security strategies and recommend control improvements.

Investigate and report on major breaches, leveraging forensic tools and practices.

Contribute to the development of security standards and guidelines in line with organizational policies.

Ensure proportionate response to vulnerabilities and threats.

Incident Detection & Response : Monitor security alerts and events using SIEM tools (e.g., Azure Sentinel).

Investigate and analyze incidents to determine root cause and impact.

Execute containment, eradication, and recovery measures.

Maintain and update incident response playbooks and procedures.

Coordinate with the National Cyber Security Agency in case of reportable incidents.

Conduct internal investigations and recommend corrective measures.

Threat Hunting & Vulnerability Management : Perform threat hunting to proactively identify risks and vulnerabilities.

Conduct vulnerability scans and penetration tests using Tenable, Burp Suite, and similar tools.

Tune and implement threat detection analytics and SOC infrastructure.

Develop custom signatures / rules for detection and prevention systems.

Script automation for security analysis and incident response (Python, PowerShell, Bash).

Security Tools & Technologies : Manage and configure firewalls, IDS / IPS, and endpoint protection solutions.

Administer and optimize security monitoring platforms (e.g., Microsoft Defender, Microsoft Cloud Defender, Microsoft Purview, Insider Risk Management).

Support compliance with frameworks such as GDPR, HIPAA, NIA, Qatar 2022 CSF, ISO 27001.

Conduct cybersecurity drills and disaster recovery exercises.

Ensure compliance with data privacy and data protection requirements.

Collaboration & Reporting : Work closely with IT teams to align with security best practices.

Provide timely and accurate reporting on incidents, risks, and trends to management.

Stay updated with emerging cybersecurity threats, vulnerabilities, and technologies.

Contribute to awareness and training initiatives.

Key Skills & Competencies

Minimum 5–6 years’ experience in cybersecurity, preferably within a SOC environment.

Proven experience in incident response, threat hunting, and vulnerability management.

Strong knowledge of SIEM tools (Azure Sentinel mandatory).

Experience with endpoint protection and vulnerability scanners (Defender, Tenable, Burp Suite, etc.).

Understanding of network forensics, endpoint forensics, and threat intelligence.

Strong knowledge of networking protocols, firewalls, IDS / IPS.

Scripting skills in Python, PowerShell, or Bash.

Strong problem-solving, analytical, and communication skills.

Ability to work under pressure and handle multiple tasks effectively.

Qualifications

Education : Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.

Mandatory Certifications : CSA, CEH, SC-200.

Preferred (Not Mandatory) : CompTIA Security+, CISSP, GIAC GSEC, GCIH, or equivalent certifications.

Skills : cybersecurity, certified ethical hacker, vulnerability, networking, risk, soc

#J-18808-Ljbffr