
Neom
Cybersecurity Specialist (CSOC Analyst, Governance Risk & Compliance)
- Permanent
- Neom, Saudi Arabia
- Experience 5 - 10 yrs
Job expiry date: 12/03/2026
Job overview
- Date posted: 27/01/2026
- Location: Neom, Saudi Arabia
- Salary: SAR 20,000 - 30,000 per month
- Compensation: Comprehensive package
- Experience: 5 - 10 yrs
- Seniority: Experienced
- Qualification: Bachelor's degree
- Expiration date: 12/03/2026
Job description
The Cybersecurity Specialist role at NEOM within the Governance, Risk & Compliance sector operates as a CSOC Analyst responsible for investigating, analyzing, and responding to cybersecurity incidents across enterprise environments. The role leverages data collected from a wide range of security defense tools to detect, analyze, and mitigate cyber threats, including monitoring network and system activity for malicious behavior, correlating cyber threat intelligence with observed security events, and escalating validated incidents to appropriate incident response teams. The position is deeply involved in security operations and continuous CSOC improvement by refining detection logic, developing and tuning SIEM use cases, conducting threat hunting activities, supporting malware and forensic analysis, and ensuring accurate documentation of incidents within SOAR platforms. The role supports 24/7 security monitoring operations, collaborates with internal stakeholders to remediate vulnerabilities, participates in purple team exercises, and contributes to the enhancement of detection, response, and operational resilience within a large-scale, high-security environment aligned with NEOM’s strategic objectives.
Required skills
Key responsibilities
- Monitor security alerts from SIEM and other security monitoring tools to detect potential cybersecurity threats
- Identify, analyze, triage, and escalate security incidents in accordance with defined incident response procedures
- Investigate security events to determine severity, scope, and organizational impact
- Execute initial triage activities including threat validation, prioritization, and impact assessment
- Conduct detailed log analysis to identify anomalous behavior and indicators of compromise
- Respond to real-time alerts using documented incident response playbooks
- Provide first-response containment and mitigation actions for confirmed security incidents
- Escalate incidents to Incident Response teams when required and support coordinated response activities
- Document all security incidents, findings, investigative steps, and response actions within SOAR platforms
- Analyze suspicious activity to determine whether it qualifies as a confirmed security incident
- Support threat hunting initiatives to identify advanced or stealthy threats within the environment
- Work with senior analysts to refine detection rules, improve SIEM queries, and enhance security use cases
- Investigate phishing emails, malicious domains, suspicious IP addresses, and other threat indicators
- Support malware analysis efforts by providing behavioral observations and preliminary assessments
- Leverage cyber threat intelligence feeds to identify emerging threats, attack techniques, and exploit trends
- Participate in purple team exercises to improve SOC detection, response, and defensive capabilities
- Collaborate with internal technical teams to remediate identified cybersecurity vulnerabilities
- Provide clear, concise reports on security incidents including root cause, impact, and recommended remediation actions
- Support CSOC leadership in maintaining continuous 24/7 security monitoring and incident response coverage
Experience & skills
- Have 3–7 years of experience in security operations, incident response, or threat detection roles
- Demonstrate strong hands-on experience with security monitoring tools including SIEM, SOAR, EDR, and IDS/IPS
- Possess proven experience investigating cybersecurity incidents and performing root cause analysis
- Demonstrate experience in threat hunting, threat intelligence analysis, and incident investigations
- Be capable of refining detection logic, writing SIEM queries, and improving security detection use cases
- Hold a Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, a related field, or Law
- Possess a Master’s degree in Cybersecurity, Information Security, Information Systems, or a related field as a preferred qualification
- Hold or be eligible for professional certifications such as CCSP, GCIH, GCFA, GDSA, or GSOC