Job summary

Responsible for designing, implementing, and maintaining the organization’s cybersecurity infrastructure and controls to protect information assets, systems, and networks from cyber threats. This role delivers proactive threat detection, incident response, vulnerability management, and security compliance aligned with NCA ECC/CCC frameworks and Saudi regulatory requirements, ensuring a resilient and secure operational environment.

Key responsibility :
• Security Infrastructure Management: Deploy, configure, and maintain security solutions including firewalls, IDS/IPS, SIEM, WAF, EDR, DLP, and endpoint protection platforms to safeguard organizational assets
• Threat Monitoring & Incident Response: Continuously monitor security events and alerts; investigate and respond to security incidents following documented incident response procedures; perform root cause analysis and implement corrective actions
• Vulnerability Management: Conduct regular vulnerability assessments and penetration tests on systems, networks, and applications; prioritize and track remediation activities to minimize organizational risk
• Security Policy & Compliance: Develop, maintain, and enforce security policies, standards, and procedures; ensure alignment with NCA ECC, CCC, OTCC, PDPL, and other applicable regulatory frameworks
• Cloud Security: Implement and monitor cloud security controls including CSPM, CWPP, and identity management across cloud platforms; ensure cloud workloads meet security baseline requirements

Qualification & Experience:
* Identity & Access Management: Administer IAM solutions including RBAC, PAM, MFA, and SSO; enforce least-privilege access principles across systems and applications

• Security Awareness & Training: Conduct security awareness training and phishing simulation campaigns to promote a security-conscious culture across the organization

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, Computer Engineering, or a related technical field
• At least one professional cybersecurity certification is required, such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent
• Advanced certifications (CISSP, CISM, CISA, GIAC, or equivalent) are highly desirable
• NCA-aligned training or certifications are a significant advantage
• Minimum 3 years of hands-on experience in cybersecurity engineering, information security, or a related IT security role
• Proven experience operating and managing security tools such as SIEM, firewalls, IDS/IPS, EDR, and WAF
• Experience implementing security controls aligned with NCA ECC/CCC or equivalent frameworks (ISO 27001, NIST CSF)
• Exposure to cloud security concepts and securing workloads on major cloud platforms (AWS, Azure, GCP, or Alibaba Cloud