Senior Threat Detection Engineer Cybersecurity

S01, SA, Saudi Arabia

Job Description

As a Senior Threat Detection Engineer at COGNNA, you'll design high-impact detection strategies, build powerful automation, and elevate SOC operations to a world-class standard. You'll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.



Advanced Threat Detection Engineering

Build high-fidelity correlation rules and behavioral detections within the COGNNA security platforms. Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable logic. Identify detection gaps and introduce new data sources to cover evolving threat landscapes. Automate detection testing and maintain detection quality over time.

Platform Engineering & Optimization

Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience. Streamline log ingestion pipelines, from parsing to normalization and enrichment. Build scripts and automations (Python, PowerShell) to enhance SOC efficiency. Integrate tools across the SOC stack to enable seamless workflows and response.

Threat Hunting & Incident Response

Collaborate with intel and IR teams to enrich detection use cases and support threat hunts. Provide Tier-3+ support for incident investigations and post-mortem analysis.

Mentorship & SOC Maturity

Mentor junior engineers, review detection logic, and provide hands-on training. Improve SOC playbooks, SOPs, and detection engineering workflows. Stay updated on global and regional threats -- and evolve detection accordingly. Ensure compliance alignment (e.g., NCA ECC, SAMA CSF).

Requirements



Education



Bachelor's in Computer Science, Cybersecurity, or related field.

Experience



4+ years in Threat Detection, SOC Engineering, or Advanced SecOps. Hands-on expertise in developing and maintaining complex detection use cases. Strong understanding of attacker behavior, IR fundamentals, and digital forensics.

Technical Skills (You're a Power User!)



- SIEM: Expert in SIEM queries (SPL, KQL, Lucene), rule tuning, UEBA, and scaling.
- EDR: Deep knowledge of EDR tools and endpoint detection tactics.
- Network Security: Pro at packet analysis (Wireshark), IDS/IPS, and NetFlow.
- Scripting: Advanced skills in Python and/or PowerShell for automation and integration.
- OS Internals: Mastery of Windows/Linux/macOS logging, artifacts, and forensic value.
- Threat Intelligence: Skilled in turning threat intel into real-time detection logic.
- Cloud Security: Strong command of monitoring IaaS/PaaS/SaaS environments.

Certifications (Highly Preferred)




- SANS GIAC (GDAT, GMON, GCIA, GCTI, GCIH)
- OffSec (OSDA)
- INE (eCTHP, eCIR)
- (ISC)² (CISSP, CSSLP)

Soft Skills



- Exceptional analytical thinking and creative problem-solving.
- Excellent communication (English & Arabic), including technical reporting.
- Strong mentorship abilities and a collaborative spirit.
- Self-motivated, focused, and passionate about cyber defense.
- Capable of juggling priorities under high-pressure situations.

Benefits




Impact that Matters

- Build products that shape the future of cybersecurity and protect organizations globally.


On-Site Collaboration

- Be at the heart of innovation in our Riyadh office, working side by side with passionate experts.


Continuous Growth

- Access to certifications, trainings, and opportunities to sharpen your expertise.


Ownership Mindset

- Benefit from our ESOP program and grow with COGNNA's success.


Culture of Trust

- We empower talent, encourage ownership, and celebrate real outcomes.


Job Detail

  • Job Id: JD2200497
  • Industry: Not mentioned
  • Total Positions: 1
  • Job Type: Full Time
  • Salary: Not mentioned
  • Employment Status: Permanent
  • Job Location: S01, SA, Saudi Arabia
  • Education: Not mentioned