SOC Engineer

Bevatel is seeking a SOC Engineer to design, operate, and continuously improve our Security Operations Center (SOC) capabilities.

This role is technical and operational, focused on real-time threat detection, incident response, log engineering, and SIEM/SOAR operations in a high-compliance environment.

You will play a critical role in protecting Bevatel’s telecom, cloud, and platform infrastructure, while ensuring alignment with Saudi cybersecurity regulations and international best practices.

Responsibilities:

Security Monitoring & Detection

• Monitor security events across cloud, on-prem, network, endpoints, and applications
• Analyze alerts from SIEM, EDR, WAF, IDS/IPS, and cloud-native security tools
• Reduce false positives through tuning detection rules and correlation logic
• Develop and maintain use cases aligned to real attack scenarios
  
  

Incident Response

• Lead and execute security incident response (triage, containment, eradication, recovery)
• Perform root cause analysis (RCA) and document incidents clearly
• Coordinate with IT, DevOps, Network, and Management during incidents
• Support post-incident reviews and lessons learned
  
  

SIEM & Log Engineering

• Onboard and normalize logs from:
  
  

○ Cloud platforms

○ Firewalls, WAF, VPN

○ Identity systems

○ Applications and databases

• Create and maintain dashboards, alerts, and reports
• Ensure log retention and integrity in line with regulatory requirements
  
  

Threat Intelligence & Hunting

• Conduct proactive threat hunting
• Track and analyze threat intelligence feeds
• Map detections to MITRE ATT&CK
• Identify emerging attack patterns relevant to telecom and fin-tech environments
  
  

Compliance & Reporting

• Support compliance with:
  
  

○ NCA Essential Cybersecurity Controls (ECC / CCC)

○ SAMA Cybersecurity Framework (where applicable)

○ CST / CITC requirements

○ ISO 27001

• Prepare SOC reports, metrics, and evidence for audits and regulators
• Maintain clear SOC documentation and playbooks
  
  

Continuous Improvement

• Enhance SOC processes, playbooks, and response workflows
• Participate in SOC automation (SOAR) initiatives
• Improve SOC maturity, metrics (MTTD, MTTR), and operational efficiency
  
  

Requirements

Technical Skills

• Strong understanding of:
  
  

○ Security Operations & Incident Response

○ Networking (TCP/IP, DNS, HTTP, TLS)

○ Linux systems

• Hands-on experience with:
  
  

○ SIEM platforms (Splunk, Elastic, Wazuh, Sentinel, QRadar, etc.)

○ EDR / Endpoint Security

○ Firewalls, WAFs, IDS/IPS

• Experience analyzing:
  
  

○ Logs, network traffic, alerts, and system behavior

Cloud & Modern Environments:

• Experience with cloud environments (AWS, GCP, Cloudflare)
• Familiarity with containers and Kubernetes security is a plus
• Understanding of IAM, API security, and application logs
  
  

Regulatory Awareness (Highly Preferred):

• Knowledge of Saudi cybersecurity regulations:
  
  

○ NCA ECC / CCC

○ SAMA CSF (for regulated environments)

○ CST requirements

• Experience supporting regulatory audits is a strong advantage.
  
  

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field
• 3–6 years experience in SOC, security operations, or incident response
• Certifications (preferred but not mandatory):
  
  

○ GCIA, GCIH, GCED

○ CEH, Security+

○ ISO 27001 or SOC-related certifications

Soft Skills:

• Strong analytical and problem-solving skills
• Ability to stay calm under pressure during incidents
• Clear documentation and communication skills
• Team player with a security-first mindset
• High sense of ownership and accountability
  
  

Benefits

• Comprehensive Social & Medical Insurance: Enjoy peace of mind with our robust health coverage and additional social benefits.
• Dynamic Working Environment: Thrive in a collaborative and innovative workspace that encourages creativity and teamwork.
• Continuous Learning Opportunities: Access professional development programs, workshops, and courses to help you grow your skills and advance your career.