{bc}
linkedin

Threat Detection Engineer

COGNNA
Riyadh, KSA
Full Time
Mid
Onsite
3 weeks ago
SIEMEDRPythonPowerShellThreat IntelligenceMITRE ATT&CK
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

SIEMEDRPython
Smart Apply

Full Job Posting

Role Overview

  • As a Threat Detection Engineer at COGNNA, you'll design high impact detection strategies, build powerful automation, and elevate SOC operations to a world class standard.
  • You'll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.

Advanced Threat Detection Engineering

  • Build high fidelity correlation rules and behavioral detections within the COGNNA security platforms
  • Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable logic
  • Identify detection gaps and introduce new data sources to cover evolving threat landscapes
  • Automate detection testing and maintain detection quality over time

Platform Engineering & Optimization

  • Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience
  • Streamline log ingestion pipelines — from parsing to normalization and enrichment
  • Build scripts and automations (Python, PowerShell) to enhance SOC efficiency
  • Integrate tools across the SOC stack to enable seamless workflows and response.

Threat Hunting & Incident Response

  • Collaborate with intel and IR teams to enrich detection use cases and support threat hunts
  • Provide Tier 3+ support for incident investigations and post mortem analysis

Mentorship & SOC Maturity

  • Improve SOC playbooks, SOPs, and detection engineering workflows
  • Stay updated on global and regional threats — and evolve detection accordingly
  • Ensure compliance alignment (e.g., NCA ECC, SAMA CSF)

Education

  • Bachelor's in Computer Science, Cybersecurity, or related field.

Experience

  • Hands on expertise in developing and maintaining complex detection use cases
  • Strong understanding of attacker behavior, IR fundamentals, and digital forensics.

Technical Skills (You're a Power User!)

  • SIEM: Expert in SIEM queries (SPL, KQL, Lucene), rule tuning, UEBA, and scaling
  • EDR: Deep knowledge of EDR tools and endpoint detection tactics
  • Network Security: Pro at packet analysis (Wireshark), IDS/IPS, and NetFlow
  • Scripting: Advanced skills in Python and/or PowerShell for automation and integration
  • OS Internals: Mastery of Windows/Linux/macOS logging, artifacts, and forensic value
  • Threat Intelligence: Skilled in turning threat intel into real time detection logic
  • Cloud Security: Strong command of monitoring IaaS/PaaS/SaaS environments

Certifications (Highly Preferred)

  • SANS GIAC (GDAT, GMON, GCIA, GCTI, GCIH)
  • Offsec (OSDA)
  • INE (eCTHP, eCIR)
  • (ISC)² CISSP, CSSLP

Soft Skills

  • Exceptional analytical thinking and creative problem solving
  • Excellent communication (English & Arabic), including technical reporting
  • Strong mentorship abilities and a collaborative spirit
  • Self motivated, focused, and passionate about cyber defense
  • Capable of juggling priorities under high pressure situations

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at COGNNA