Threat Detection - COOP
COGNNA · Riyadh, Saudi Arabia
As a Threat Detection COOP at COGNNA, you'll design high-impact detection strategies, build powerful automation, and elevate SOC operations to a world-class standard. You'll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.

🔐 Advanced Threat Detection Engineering
- Build high-fidelity correlation rules and behavioral detections within the COGNNA security platforms
- Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable detection logic
- Identify detection gaps and introduce new data sources to cover an evolving threat landscape
- Automate detection testing and maintain detection quality over time

⚙️ Platform Engineering & Optimization
- Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience
- Streamline log ingestion pipelines, from parsing to normalization and enrichment
- Build scripts and automations (Python, PowerShell) to improve SOC efficiency
- Integrate tools across the SOC stack to enable seamless workflows and response

🕵️♂️ Threat Hunting & Incident Response
- Collaborate with intel and IR teams to enrich detection use cases and support threat hunts
- Provide Tier-3+ support for incident investigations and post-mortem analysis

👥 Mentorship & SOC Maturity
- Improve SOC playbooks, SOPs, and detection engineering workflows
- Stay up to date on global and regional threats, and evolve detections accordingly
- Ensure compliance alignment (e.g., NCA ECC, SAMA CSF)

Requirements

Minimum Requirements (Must Haves):
- Education: Currently enrolled in the final year of a Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a closely related field, with graduation planned within or immediately following the 6-month co-op
- Foundational Security Knowledge: Basic understanding of cybersecurity concepts, including common attack vectors, Windows/Linux operating system internals, and network protocols
- Programming/Scripting Basics: Familiarity with writing simple scripts in Python or PowerShell to automate repetitive tasks or parse data
- Log & System Familiarity: Basic understanding of what logs are (e.g., Windows Event Logs, Syslog) and an interest in how they are collected and analyzed
- Duration: Availability to commit to a full-time (or near full-time, depending on university rules) 6-month continuous co-op assignment

Preferred Qualifications (Nice to Haves / Big Pluses):
- Framework Familiarity: Conceptual knowledge of the MITRE ATT&CK framework and how it maps to adversary behaviors
- Hands-on Exposure: Previous experience using SIEM/XDR platforms, or building a home lab (e.g., Splunk, Elastic, Wireshark)
- Regulatory Awareness: A general awareness of cybersecurity frameworks or local compliance standards (such as NCA ECC or SAMA CSF)
- Soft Skills: Strong analytical mindset, a high level of curiosity to dig into threat trends, and excellent written documentation skills

Benefits
- 🚀 Impact that Matters: Build products that shape the future of cybersecurity and protect organizations globally.
- 🏢 On-Site Collaboration: Be at the heart of innovation in our Riyadh office, working side by side with passionate experts.
- 💡 Continuous Growth: Access to certifications, trainings, and opportunities to sharpen your expertise.
- 🤝 Culture of Trust: We empower talent, encourage ownership, and celebrate real outcomes.