Job matched to your search
Threat Detection Engineer
COGNNA Β· Riyadh
Free Β· Join 5,000+ job seekers using Qarera
How well do you match this role?
Tap the skills you already have β then see your real match score, whatβs missing, and your resume fixed for this job.
Job description
As a Threat Detection Engineer at COGNNA, you'll design high-impact detection strategies, build powerful automation, and elevate SOC operations to a world-class standard. You'll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.
π Advanced Threat Detection Engineering
- Build high-fidelity correlation rules and behavioral detections within the COGNNA security platforms
- Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable logic
- Identify detection gaps and introduce new data sources to cover evolving threat landscapes
- Automate detection testing and maintain detection quality over time
βοΈ Platform Engineering & Optimization
- Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience
- Streamline log ingestion pipelines β from parsing to normalization and enrichment
- Build scripts and automations (Python, PowerShell) to enhance SOC efficiency
- Integrate tools across the SOC stack to enable seamless workflows and response.
π΅οΈββοΈ Threat Hunting & Incident Response
- Collaborate with intel and IR teams to enrich detection use cases and support threat hunts
- Provide Tier-3+ support for incident investigations and post-mortem analysis
π₯ Mentorship & SOC Maturity
- Improve SOC playbooks, SOPs, and detection engineering workflows
- Stay updated on global and regional threats β and evolve detection accordingly
- Ensure compliance alignment (e.g., NCA ECC, SAMA CSF)
Requirements π Education
- Bachelor's in Computer Science, Cybersecurity, or related field.
πΌ Experience
- Hands-on expertise in developing and maintaining complex detection use cases
- Strong understanding of attacker behavior, IR fundamentals, and digital forensics.
π§ Technical Skills (You're a Power User!)
- SIEM: Expert in SIEM queries (SPL, KQL, Lucene), rule tuning, UEBA, and scaling
- EDR: Deep knowledge of EDR tools and endpoint detection tactics
- Network Security: Pro at packet analysis (Wireshark), IDS/IPS, and NetFlow
- Scripting: Advanced skills in Python and/or PowerShell for automation and integration
- OS Internals: Mastery of Windows/Linux/macOS logging, artifacts, and forensic value
- Threat Intelligence: Skilled in turning threat intel into real-time detection logic
- Cloud Security: Strong command of monitoring IaaS/PaaS/SaaS environments
π Certifications (Highly Preferred)
- π SANS GIAC (GDAT, GMON, GCIA, GCTI, GCIH)
- π Offsec (OSDA)
- π« INE (eCTHP, eCIR)
- π§© (ISC)Β² CISSP, CSSLP
π€ Soft Skills
- Exceptional analytical thinking and creative problem-solving
- Excellent communication (English & Arabic), including technical reporting
- Strong mentorship abilities and a collaborative spirit
- Self-motivated, focused, and passionate about cyber defense
- Capable of juggling priorities under high-pressure situations
Benefits π Impact that Matters - Build products that shape the future of cybersecurity and protect organizations globally.
π’ On-Site Collaboration - Be at the heart of innovation in our Riyadh office, working side by side with passionate experts.
π‘ Continuous Growth - Access to certifications, trainings, and opportunities to sharpen your expertise.
π Ownership Mindset - Benefit from our ESOP program and grow with COGNNA's success.
π€ Culture of Trust - We empower talent, encourage ownership, and celebrate real outcomes.
More jobs in Riyadh
Browse related jobs
Donβt just read the job β see if youβll get it.
Get your match score, a resume tailored to this exact role, and jobs like it β free.
Check my fit for this job