Qureos


SOC Analyst

JOB TITLE: SOC Analyst (Security Operations Centre)

LOCATION: Qatar / Remote | TYPE: Contract / Full-time | LEVELS: 3–5 yrs / 5–10 yrs / 10–20 yrs

ABOUT THE ROLE

We are recruiting a SOC Analyst to provide frontline monitoring, analysis, and initial incident handling for a government client in Qatar. You will act as the first line of defence for detecting and triaging security events, supporting continuous improvement of detection content and operational processes, and coordinating closely with CTI and Incident Response on suspicious or confirmed incidents.

KEY RESPONSIBILITIES

- Monitor security alerts, logs, and events from SIEM, EDR, network sensors, and other sources on a continuous basis.

- Conduct initial triage and validation of alerts, distinguishing true positives from false positives and escalating appropriately.

- Execute SOPs and runbooks for common alert types, including containment steps where authorized.

- Collect and preserve relevant logs, artifacts, and evidence to support deeper investigation by IR and engineering teams.

- Collaborate with CTI to apply threat intelligence (IOCs, TTPs) to investigations and prioritize alerts.

- Propose and assist with fine-tuning of detection rules, thresholds, and use cases to improve the signal-to-noise ratio.

- Maintain detailed incident tickets and daily/weekly SOC reports including trends, recurring issues, and metrics.

- Participate in drills and table-top exercises to validate incident response plans and readiness.

REQUIRED EXPERIENCE

- 3–20 years of experience in security operations, SOC monitoring, or cybersecurity analysis.

- Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, ArcSight, or equivalent).

- Strong knowledge of network protocols, attack techniques, and the MITRE ATT&CK framework.

- Experience with EDR tools and endpoint alert triage.

- Ability to analyse logs from firewalls, proxies, Active Directory, and cloud platforms.

- Familiarity with threat intelligence concepts: IOCs, TTPs, and indicator enrichment.

- Experience documenting incidents and producing SOC metrics and trend reports.

- Government or critical infrastructure sector experience is a strong advantage.

PREFERRED CERTIFICATIONS

Candidates holding two or more of the following certifications will be viewed very favourably:

- CompTIA Security+ - strongly preferred, widely recognized SOC baseline certification

- CISSP - valued for senior SOC Analysts (Level 1) in leadership or architect-adjacent roles

- GCTI - valued for SOC analysts with a threat intelligence crossover focus

- CISM - valued for senior analysts bridging operations and governance

WHAT WE OFFER

- Engagement supporting a high-profile government client in Qatar.

- Multiple experience levels considered: junior (3–5 yrs), mid (5–10 yrs), and senior (10–20 yrs).

- Competitive contract rate aligned with experience level.

- Opportunity to work within a national-scale SOC environment.

Job Type: Full-time

Application Question(s):

- How soon can you join if selected?

Work Location: Remote
