Based at the Yanbu Industrial City Program on the West Coast of KSA, Parsons are looking to hire a Security Operations Centre Analyst.

The Security Operations Centre Analyst will work closely with IT to maintain, monitor and respond to various notifications from monitoring systems to improve the IT security. The role will also work with all users to respond to security issues and to identify and suggest improvements that can be made to technologies and processes.

The role will report directly to the IT Director and interface across all Program Departments

What You’ll Be Doing:

• Act as a lead throughout incident scenarios and provide subject matter expertise in cybersecurity incident response
• Conduct host based and network forensics, log analysis and malware triage supporting incident response
• Work with application owners to determine log based monitoring requirements and develop rules in SPLUNK to detect anomalies
• Execute incident response process when a security incident has been declared
• Services monitored and delivered include, but are not limited to SIEM, IDS/IPS, Firewall, Web Content Filtering, Data Leak Prevention (DLP), Proxy, and Security Event Correlation and Reporting to appropriate Tier 2 incident handling staff or relevant sources to determine increased risk to the business
• Work closely with rest of Corporate IT (CIT) Security team to ensure all security protection measures, policies, and procedures, including general IT standards, are implemented and functioning as planned globally
• Keep current in IT Security and IT trends and technologies by reading/following security industry publications and networking with other security professionals
• Responsible for the successful execution of incident handling procedures direct response to security incidents
• Analyze and identify technical and procedural vulnerabilities, providing recommendations that enable timely remediation.
• Maintain current knowledge of and recognize attacker tools, tactics, and procedures to produce indicators of compromise (IOCs) that can be utilized during active and future investigations

What Required Skills You’ll Bring:

• Bachelor’s degree is required, preferably in Information Technology or related field.
• 4+ years experience working in a Security Operations Center.
• Minimum of 2 years full-time work experience in IT consisting of at least 1 year doing windows systems administration, and includes experience with Active Directory, DNS, and network routing.
• Rudimentary understanding of intrusion detection, firewall operations, and other general security.
• Desired skills for this position include IDS/IPS, Firewalls, Incident response, Operating systems, Crisis management, Splunk, TCP/IP, Authentication Software, Bluecoat

What Desired Skills You’ll Bring:

• Strong written and verbal communication skills, must be able to articulate complex technical analysis to both technical and non-technical audiences.
• We are only considering applications from Saudi Nationals for this role. If you are not Saudi National your application will not be considered.

Minimum Clearance Required to Start:

Not Applicable/None