SOC Analyst L3

Zoho

Riyadh, Riyadh Province, Saudi Arabia · Full-time

Experience
5–8 yrs
Salary
Openings
1
Posted
6 hours ago
Work mode
On-site
Eligibility
Professionals with 5 to 8 years of experience in SOC, incident response, threat hunting, or related cybersecurity work who are willing to work onsite in Riyadh, Saudi Arabia.
Resume
Required to apply

Job Description

About the Company

Zoho is a major software company with a broad portfolio of more than 55 applications spanning sales, marketing, customer service, accounting, back-office functions, and productivity and collaboration tools. Built to address complex business needs, the company serves over 130 million users and has more than 18,000 employees worldwide. It has operated privately for 29 years with a bootstrapped, profitable model focused on building a durable business.

Role Overview

Zoho is looking for a SOC Analyst L3 to work from Riyadh, Saudi Arabia. This role calls for a seasoned security operations professional who can lead advanced investigations, strengthen detection coverage, and guide junior analysts.

Experience

The position requires 5 to 8 years of relevant experience.

Key Responsibilities

  • Serve as the senior technical contact for complicated or high-impact security incidents.
  • Own the full incident response cycle, including investigation, containment, eradication, and recovery.
  • Carry out advanced threat-hunting activities across endpoints, network traffic, cloud platforms, email, and log data.
  • Investigate malware, analyze memory artifacts, and perform deep log reviews.
  • Run Purple Team exercises and contribute to stronger SOC maturity.
  • Enrich threat intelligence, correlate indicators of compromise, and prepare intelligence reports.
  • Work with IT, GRC, and leadership teams during major security events.
  • Coach and support L1 and L2 analysts through advanced training and mentorship.
  • Lead root cause analysis and post-incident review activities.
  • Assess and suggest new SOC technologies, tools, and integrations.
  • Design, implement, and maintain SIEM detections aligned with MITRE ATT&CK.
  • Improve existing detection rules to increase precision and lower false positives.
  • Identify detection blind spots and confirm visibility across important log sources.
  • Verify that new log sources are onboarded properly and that logs are normalized and parsed accurately.
  • Work with threat intelligence inputs to introduce new IOCs, behavioral patterns, and detection logic.
  • Build detection roadmaps and continuously expand SIEM coverage.
  • Create correlation rules, dashboards, and automated workflows.
  • Partner with infrastructure teams to ensure feeds from EDR, firewall, cloud, proxy, email, and application systems reach the SIEM.
  • Perform regular tuning sessions to improve alert quality and SOC efficiency.

Additional Information

Work location: Riyadh, Saudi Arabia. This is a full-time, onsite role.

Company Context

The role sits within a company known for building a wide range of business software products and supporting large-scale operations across the globe.
