Posted 2 weeks ago

DEPARTMENT: ICT Department

LOCATION: Tripoli

WORK MODE: Full time

(THIS VACANCY IS ONLY APPLICABLE FOR LIBYAN NATIONALS)

We are seeking a highly skilled specialist to work in the Security Operation Center as a second-level analyst. The analyst will monitor security alerts and events in real time, conduct intermediate deep analysis and investigation of incidents, take actions to contain and mitigate threats based on the investigation, escalate complex incidents to L3 analysts for further analysis, and create detailed reports on incidents, including root cause analysis and lessons learned.

Responsibilities & Duties:

  • Review logs, network traffic, and endpoint security data; identify patterns and correlate them with known threat intelligence.
  • Analyze recent activities related to the affected systems and look for signs of compromise and related alerts.
  • Correlate findings with threat intelligence databases and identify known indicators of compromise (IOCs).
  • Verify endpoint security logs for signs of unauthorized or abnormal processes.
  • Record detailed findings in the incident management system, including logs, patterns and threat intelligence correlations.
  • Implement containment actions (e.g., isolate endpoints) and inform the CISO for immediate attention.
  • If further analysis is required, escalate to L3 and provide all collected data and findings for L3 analysis.

Required Qualifications and Skills:

  • B. Sc. in Information Technology.
  • 3-5 years of experience in the Cybersecurity SOC field.
  • Intermediate Systems, Memory, Network and Malware Forensics.
  • Intermediate level SIEM Log Analysis “Systems, Network & Firewalls”.
  • Intermediate Threat Analysis and Threat Vectors.
  • Intermediate Incident Response.
  • IoCs, UEBA.
  • OSINT Tools.
  • SIEM Workbooks and automation.

Additional Qualifications:

  • CompTIA Security+
  • CompTIA Network+
  • Cybersecurity Mindset
  • KQL Language

Applications must be submitted no later than 12th June 2026.
