Senior Cybersecurity Specialist (Splunk Architect)

Help AG, an e& enterprise company

Riyadh, Riyadh Province, Saudi Arabia · Full Time

Experience: 3–5 yrs
Salary:
Openings: 1
Posted: 3 days ago
Work mode: In office
Education: Bachelor’s degree
Eligibility: Candidates with a bachelor’s degree or equivalent experience, along with a background in SOC, managed security, or client network environments, can apply. Experience with Splunk SIEM, EDR, Microsoft security technologies, and shift-based client support is expected.
Resume: Required to apply

Job description

Role overview

Help AG, part of e& enterprise, is hiring an experienced Senior Cybersecurity Specialist with a Splunk Architect focus for its Cyber Engineering team in Riyadh. The role centers on building procedures, improving processes, and keeping security platforms running smoothly across both internal and customer environments. You will collaborate with management, SOC analysts, threat analysts, solution architects, engineers, and clients to deliver critical managed security services.

This position involves administering, maintaining, and connecting SOC technologies such as SIEM, EDR, NDR, vulnerability assessment, SOAR, and related platforms. The work also includes supporting Microsoft security tools, vulnerability management, EDR operations, and content development for SOC use cases.

Key responsibilities

  • Run and maintain Splunk and Splunk apps, including building new apps or expanding existing ones with specialized capabilities.
  • Connect Splunk to a broad range of older and legacy data sources.
  • Stay flexible and learn SOC tools and technologies from different vendors as needed.
  • Work with application and infrastructure teams to define strong practices for using Splunk data and dashboards effectively.
  • Design, deploy, and support solutions using Microsoft security products such as Azure Cloud Access Security Broker, Office 365 Advanced Threat Protection, and Microsoft Defender ATP, including their integrations for large-scale threat intelligence and managed security services.
  • Support the deployment, implementation, and upkeep of vulnerability scan engines with Engineering, SOC, and IR teams.
  • Record vulnerabilities and drive mitigation actions within the agreed SLA.
  • Manage EDR sensors across their full lifecycle, including deployment, operations, administration, maintenance, patching, upgrades, and updates.
  • Create watchlists to identify indicators of compromise and malicious behavior tied to emerging threats.
  • Understand customer requirements, design appropriate solutions, and implement them.
  • Evaluate new technology quickly and solve problems to determine whether it is viable.
  • Act as a primary contact for managed security customer systems and own client configuration issues through resolution.
  • Partner with SOC colleagues on operational tasks and service-improvement initiatives.
  • Reduce false positives and improve processes together with other MSS teams.
  • Develop SOC content such as Splunk use cases in coordination with the SOC team.

Requirements

  • Strong working knowledge of Splunk SIEM is required.
  • At least 3 years of professional experience supporting and maintaining Splunk SIEM and Enterprise Security.
  • 3 to 5 years of experience tuning Splunk SIEM content at an advanced level.
  • Background in networks and network architecture.
  • Bachelor’s degree or equivalent hands-on training and experience in a SOC, managed security, or client network setting.
  • Security knowledge in one or more areas, including EDR.
  • Practical experience with EDR tools such as Carbon Black, Vectra, and Microsoft Azure.
  • Splunk Admin, Splunk Architect, and Splunk Consultant certifications are mandatory.
  • Knowledge of Linux and Windows operating systems.
  • Experience with other SIEM platforms such as QRadar and LogRhythm is preferred.
  • Experience delivering services to clients in a service-oriented environment.
  • Ability to work shifts and provide support outside regular hours when required.
  • Experience using internal and client ticketing plus knowledge base systems for incident and problem tracking and documentation.

Benefits

  • Medical coverage through one of the leading global health insurance providers.
  • Opportunities for career growth through challenging projects and meaningful work.
  • Employee engagement activities held throughout the year.
  • Customized learning and development programs.

About Help AG

Help AG is the cybersecurity division of e& enterprise and serves enterprises and government organizations across the Middle East with strategic advisory services and tailored information security solutions. Since 2004, the company has built a strong regional presence and was acquired by e& in February 2020, strengthening its position as a cybersecurity and digital transformation leader.

The organization is recognized for vendor-neutral, independent cybersecurity guidance and for delivering value through specialized technologies, skilled service teams, and a consulting practice focused on strengthening cyber defenses and protecting business operations.
