Cyber Security Engineer

About This Role

Job Title Cybersecurity Engineer

JOB PURPOSE

Responsible for designing, implementing, and maintaining the organization’s cybersecurity infrastructure and controls to protect

information assets, systems, and networks from cyber threats. This role delivers proactive threat detection, incident response,

vulnerability management, and security compliance aligned with NCA ECC/CCC frameworks and Saudi regulatory requirements,

ensuring a resilient and secure operational environment.

KEY ACCOUNTABILITIES

Generic Accountabilities

• Maintain high standards of professional conduct and service delivery

• Ensure compliance with organizational policies, procedures, and quality standards

• Contribute to continuous improvement initiatives and knowledge sharing

• Maintain confidentiality of sensitive information and data

• Adhere to health, safety, and security protocols

Job Specific Accountabilities

• Security Infrastructure Management: Deploy, configure, and maintain security solutions including firewalls, IDS/IPS, SIEM, WAF, EDR, DLP, and endpoint protection platforms to safeguard organizational assets

• Threat Monitoring & Incident Response: Continuously monitor security events and alerts; investigate and respond to security incidents following documented incident response procedures; perform root cause analysis and implement corrective actions

• Vulnerability Management: Conduct regular vulnerability assessments and penetration tests on systems, networks, and applications; prioritize and track remediation activities to minimize organizational risk

• Security Policy & Compliance: Develop, maintain, and enforce security policies, standards, and procedures; ensure alignment with NCA ECC, CCC, OTCC, PDPL, and other applicable regulatory frameworks

• Cloud Security: Implement and monitor cloud security controls including CSPM, CWPP, and identity management across cloud platforms; ensure cloud workloads meet security baseline requirements

• Identity & Access Management: Administer IAM solutions including RBAC, PAM, MFA, and SSO; enforce least-privilege access principles across systems and applications

• Security Awareness & Training: Conduct security awareness training and phishing simulation campaigns to promote a security-conscious culture across the organization

JOB DESCRIPTION

• Risk Assessment: Perform information security risk assessments, document findings, and recommend risk mitigation strategies to management and relevant stakeholders

• Security Architecture Review: Participate in the review of new systems, applications, and infrastructure designs to ensure security requirements are embedded from inception

• Documentation & Reporting: Maintain accurate security documentation including incident reports, audit logs, risk registers, and provide regular security posture updates to management

QUALIFICATIONS AND EXPERIENCE

Qualification

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, Computer Engineering, or a related technical field

• At least one professional cybersecurity certification is required, such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent

• Advanced certifications (CISSP, CISM, CISA, GIAC, or equivalent) are highly desirable

• NCA-aligned training or certifications are a significant advantage

Experience:

• Minimum 3 years of hands-on experience in cybersecurity engineering, information security, or a related IT security role

• Proven experience operating and managing security tools such as SIEM, firewalls, IDS/IPS, EDR, and WAF

• Practical experience in incident detection, investigation, and response

• Demonstrated knowledge of vulnerability assessment and penetration testing methodologies

• Experience implementing security controls aligned with NCA ECC/CCC or equivalent frameworks (ISO27001, NIST CSF)

• Exposure to cloud security concepts and securing workloads on major cloud platforms (AWS, Azure, GCP, or Alibaba Cloud)

COMPETENCIES

• Analytical Thinking: Strong investigative mindset with ability to analyze complex security data and identify patterns

• Problem Solving: Systematic and methodical approach to identifying, containing, and resolving security incidents

• Communication: Effective verbal and written communication skills in English; ability to convey security risks to non-technical stakeholders (Arabic proficiency is a plus)

• Collaboration: Team player with ability to work across IT, operations, and business teams

• Integrity: High level of professionalism, discretion, and commitment to confidentiality

• Adaptability: Ability to respond rapidly to evolving threats, shifting priorities, and high-pressure situations

JOB DESCRIPTION

• Continuous Learning: Proactive in keeping up to date with emerging threats, vulnerabilities, and cybersecurity technologies

• Attention to Detail: Meticulous in log analysis, documentation, and evidence handling Technical

• Security Tools: Hands-on proficiency with SIEM (Splunk, Microsoft Sentinel, or equivalent), EDR, IDS/IPS, WAF, DLP, and firewall management (Palo Alto, Fortinet, CheckPoint, or Cisco ASA)

• Network Security: Strong understanding of network protocols, TCP/IP, VPN, DNS, proxy, and firewall rule management

• Vulnerability & Threat Management: Experience with VA/PT tools (Nessus, Qualys, Burp Suite) and threat intelligence platforms

• Cloud Security: Knowledge of CSPM, CWPP, cloud-native security controls, and securing workloads on major cloud platforms

• Identity & Access Management: Experience with PAM, MFA, IAM policies, and directory services (Active Directory, LDAP)

• Incident Response: Proficiency in incident response lifecycle, digital forensics basics, and log analysis (SIEM correlation rules)

• Scripting & Automation: Ability to write scripts in Python, Bash, or PowerShell for security task automation

• Compliance Frameworks: Familiarity with NCA ECC, CCC, OTCC, PDPL, ISO 27001, NIST CSF, and CIS Controls

• Operating Systems: Proficiency in Windows and Linux/Unix administration and hardening

• Security Architecture: Understanding of Zero Trust Architecture (ZTNA), defense-in-depth, and security design principles

KEY INTERACTIONS & WORKING RELATIONSHIPS

• IT Infrastructure & Cloud Team: Collaboration on security controls for infrastructure and cloud environments

• SOC / MSOC Team: Coordination on threat monitoring, alert triage, and incident response activities

• Operations Team: Support for security incident resolution and compliance enforcement

• Management Team: Regular reporting on security posture, risk status, and compliance metrics

• Project Management Office: Participation in security review of new projects and initiatives External

• NCA & Regulatory Bodies: Ensuring compliance with national cybersecurity mandates and reporting requirements

• MSSP / MSOC Partners: Coordination with managed security service providers on threat detection and response

• Security Vendors: Technical liaison for security product support, updates, and escalations

• Third-party Auditors: Support for external security assessments, audits, and certification activities

• Cloud Service Providers: Collaboration on cloud security configurations and compliance controls