COGNNA logo

Threat Detection - COOP

Posted 15 days ago

OfficeRiyadh, Riyadh Province, Saudi Arabia

As a Threat Detection COOP at COGNNA, you’ll design high-impact detection strategies, build powerful automation, and elevate SOC operations to a world-class standard. You’ll also mentor rising cyber talent and collaborate with teams across threat intel, incident response, and platform engineering.

🔐 Advanced Threat Detection Engineering

  • Build high-fidelity correlation rules and behavioral detections within the COGNNA security platforms.
  • Translate adversary TTPs (MITRE ATT&CK), threat intel, and vulnerability data into actionable logic.
  • Identify detection gaps and introduce new data sources to cover evolving threat landscapes.
  • Automate detection testing and maintain detection quality over time.

⚙️ Platform Engineering & Optimization

  • Lead architecture and optimization of XDR, SIEM, and SOC tech stacks for scale and resilience.
  • Streamline log ingestion pipelines — from parsing to normalization and enrichment.
  • Build scripts and automations (Python, PowerShell) to enhance SOC efficiency.
  • Integrate tools across the SOC stack to enable seamless workflows and response.

🕵️‍♂️ Threat Hunting & Incident Response

  • Collaborate with intel and IR teams to enrich detection use cases and support threat hunts.
  • Provide Tier-3+ support for incident investigations and post-mortem analysis.

👥 Mentorship & SOC Maturity

  • Improve SOC playbooks, SOPs, and detection engineering workflows.
  • Stay updated on global and regional threats — and evolve detection accordingly.
  • Ensure compliance alignment (e.g., NCA ECC, SAMA CSF).

Requirements

Minimum Requirements (Must Haves):

  • Education: Currently enrolled in their final year of a Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a closely related field, with graduation planned within or immediately following the 6-month co-op.
  • Foundational Security Knowledge: Basic understanding of cybersecurity concepts, including common attack vectors, the Windows/Linux operating system internals, and network protocols.
  • Programming/Scripting Basics: Familiarity with writing simple scripts in Python or PowerShell to automate repetitive tasks or parse data.
  • Log & System Familiarity: Basic understanding of what logs are (e.g., Windows Event Logs, Syslog) and an interest in how they are collected and analyzed.
  • Duration: Availability to commit to a full-time (or near full-time, depending on university rules) 6-month continuous Co-op assignment.

Preferred Qualifications (Nice to Haves / Big Plusses):

  • Framework Familiarity: Conceptual knowledge of the MITRE ATT&CK framework and how it maps to adversary behaviors.
  • Hands-on Exposure: Previous experience using SIEM/XDR platforms, or building a home lab (e.g., Splunk, Elastic, Wireshark).
  • Regulatory Awareness: A general awareness of cybersecurity frameworks or local compliance standards (like NCA ECC or SAMA CSF).
  • Soft Skills: Strong analytical mindset, a high level of curiosity to dig into threat trends, and excellent written documentation skills.

Benefits

🚀 Impact that Matters – Build products that shape the future of cybersecurity and protect organizations globally.

🏢 On-Site Collaboration – Be at the heart of innovation in our Riyadh office, working side by side with passionate experts.

💡 Continuous Growth – Access to certifications, trainings, and opportunities to sharpen your expertise.

🤝 Culture of Trust – We empower talent, encourage ownership, and celebrate real outcomes.

Job details
Workplace
Office
Location
Riyadh, Riyadh Province, Saudi Arabia

COGNNA’s AI SOC platform with intelligent SOC Agents streamlines detection, response and compliance supporting SOC teams for faster, smarter security.

Key team members

Abdulrahman Mashaabi

Abdulrahman Mashaabi

Adel Alshamrani

Adel Alshamrani

Ibrahim Alshamrani

Ibrahim Alshamrani

Mohamed Moghazy

Mohamed Moghazy

Apply smarter with Jobr

Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

Direct from company career pages
AI-personalised cover letters
Human review before every submit
Application tracking & follow-ups