Job description

Senior Threat Detection Engineer role within a cybersecurity environment in Riyadh responsible for designing, developing, and continuously improving threat detection capabilities across enterprise security monitoring platforms. The role focuses on SIEM engineering with strong emphasis on QRadar, detection logic development, and integration with security tools such as EDR and NDR to enhance threat visibility and response capabilities. The position involves translating threat intelligence, attack techniques, and business risks into actionable detection use cases aligned with frameworks such as MITRE ATT&CK and Cyber Kill Chain. Responsibilities include developing and maintaining correlation rules, alerting logic, thresholds, baselines, and behavioral analytics to detect multi-stage and complex cyberattacks. The role requires building detection use cases across endpoint, network, and application layers while integrating telemetry from multiple sources into SIEM platforms. The engineer is responsible for alert tuning, false positive reduction, and root cause analysis to ensure high-fidelity alerts and reduce SOC analyst fatigue. The position also supports threat hunting initiatives by collaborating with threat hunting teams, developing hypotheses, analyzing logs and telemetry data, and converting findings into scalable detection rules. The role includes QRadar platform optimization such as configuring log sources, parsing rules, event normalization, and ensuring SIEM performance and health. The candidate must maintain deep understanding of cyber threat landscapes, adversary behaviors, and security telemetry across enterprise environments while supporting continuous improvement of detection capabilities.