Security Operations Center (SOC) Engineer

About the role

Estarta is seeking an experienced Security Operations Center (SOC) Engineer to join its cybersecurity team in Riyadh. The role focuses on designing, implementing and managing advanced security monitoring, detection and response solutions to protect the organization’s assets.

Key responsibilities

• Design, deploy and maintain SIEM platforms, develop use cases, correlation rules and dashboards to ensure comprehensive threat detection.
• Create, tune and operate SOAR playbooks, automate repetitive security tasks and integrate with ticketing and threat‑intelligence feeds.
• Monitor, investigate and respond to alerts from EDR solutions, conduct incident analysis, containment, eradication and recovery.
• Perform proactive threat hunting using threat intelligence, IOCs, behavioral analytics and MITRE ATT&CK techniques.

Required profile

• Proven hands‑on experience with SIEM, SOAR and EDR technologies.
• Strong understanding of security operations, threat intelligence and incident response processes.
• Ability to work collaboratively with IT, cybersecurity and business stakeholders.
• Motivated, detail‑oriented professional passionate about cyber defence.

Required skills

• SIEM platforms
• SOAR orchestration
• Endpoint Detection and Response (EDR)
• Threat intelligence integration
• MITRE ATT&CK framework
• Security automation and scripting
• Log analysis and correlation

What we offer

• Competitive compensation package.
• Relocation support for candidates based outside Saudi Arabia.
• Opportunity to work in a dynamic cybersecurity environment in Riyadh.