14 Ceh jobs in Saudi Arabia

Job Description

Job Title: Security Analyst - L3

Experience: 5+ years

Location: Jeddah

Key Responsibility Areas – Security Analyst - L3 – SOC

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.

• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.

• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.

• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.

• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.

• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.

• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.

• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.

• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Location

Jeddah

Experience

5+ years

Send Your CV To

By contacting us you agree with the storage and handling of your data by this website.

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.
• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.
• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.
• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.
• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.
• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.
• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.
• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.
• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Role Purpose:

To support the organization's Governance, Risk, and Compliance (GRC) cybersecurity framework by implementing, monitoring, and reporting on cybersecurity initiatives, ensuring alignment with Saudi regulatory requirements and internal policies. The role focuses on managing cybersecurity risks, compliance, and governance activities to strengthen the organization's security posture.

Key responsibilities:

• Assist in the development, implementation, and maintenance of the organization's cybersecurity governance framework in alignment with Saudi cybersecurity regulations.
• Support the identification, assessment, and mitigation of cybersecurity risks as part of the enterprise risk management process.
• Monitor compliance with cybersecurity policies, frameworks, and standards, providing regular updates to the Head of GRC and Cybersecurity.
• Coordinate and support internal and external cybersecurity audits and regulatory assessments.
• Conduct periodic risk assessments and ensure that gaps are documented and addressed through actionable plans.
• Maintain the cybersecurity risk register and track the status of mitigation actions.
• Support the development and delivery of cybersecurity awareness programs for all employees.
• Monitor security incidents and collaborate with IT and third-party vendors for timely response and remediation.
• Assist in managing third-party risks by ensuring vendors comply with the organization's cybersecurity requirements.
• Prepare regular reports on cybersecurity risks, compliance status, and performance metrics for leadership and board-level committees.
• Stay updated on emerging cybersecurity threats and regulatory changes to recommend proactive measures.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Security, Information Technology, or a related field.
• Preferably one or more of the following certifications or similar in Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISO 27001 Lead Implementer or Auditor and Certified in Risk and Information Systems Control (CRISC).
• Proficiency in Microsoft Office Suite Word, Excel, PowerPoint, and Outlook.
• Exceptional written and verbal communication skills in both English and Arabic.
• 3-4 years of experience in cybersecurity governance, risk, and compliance.

We are seeking a dynamic and experienced cybersecurity professional to join our Security Operations Center (SOC) team. If you're a Saudi national passionate about cybersecurity, incident response, and threat intelligence, this is your opportunity to make a national impact.

Location: Saudi Arabia

Position: Senior Security Analyst

Preference: Saudi nationals

Department: Security Operations Center (SOC)

Key Responsibilities

• Monitor and analyze security technologies such as IDS/IPS, Firewalls, VPNs, and Switches.
• Investigate and respond to security incidents using SIEM and XDR tools.
• Develop and implement incident response procedures within defined SLAs.
• Perform threat hunting, forensic log analysis, and generate quality security reports.
• Work closely with internal teams and clients to resolve and document incidents.
• Mentor junior analysts and contribute to team knowledge-sharing.
• Create and maintain technical documentation and threat intelligence reports.
• Develop SIEM content, drive automation (SOAR), and contribute to continuous improvement.
• Engage in on-site incident response activities when needed.

Qualifications & Skills

• Minimum 4+ years of cybersecurity experience.
• Bachelor's or Master's degree in Cybersecurity, IT Security, or a related field.
• Hands-on experience with XDR, SIEM platforms (Splunk, ArcSight, QRadar, LogRhythm), and incident handling.
• Strong understanding of MITRE ATT&CK, Cyber Kill Chain, and network protocols (TCP/IP).
• Preferred certifications: OSCP, CISSP, CCIE, GCIH, GCIA, etc.
• Ability to analyze and interpret logs from various system and security sources.
• Fluent in English; Arabic is a plus.
• Strong communication, leadership, and mentoring abilities.

Why Join Us?

• Be a part of a critical national SOC team protecting vital infrastructure and enterprise networks.
• Work with advanced threat detection tools and contribute to real-time security defense.
• Collaborate with top-tier cybersecurity professionals and grow in a high-impact environment.

Interested candidates (Saudis preferred) can apply now or send their CV to () with the subject line:

Application – Senior Security Analyst – Saudi Arabia

Job Type: Full-time

Pay: From ﷼5,000.00 per month

Application Question(s):

• Current Salary per month in SAR
• Expected Salary per month in SAR
• Nationality
• Notice Period
• Current Location

Experience:

• SOC: 3 years (Required)

Location:

• Jeddah (Required)

Job Objective
The Penetration Testing & Vulnerability Management Section Manager is responsible for evaluation and testing to identify weak points, analyze results, and ensure proper communication to confirm effective corrective measures are taken in a timely manner.

This includes supervising penetration testing activities, following up on recommendations, and ensuring the implementation of corrective actions. Additionally, the Section Manager is responsible for preparing and developing penetration testing policies and updating them in cooperation with the cybersecurity team to ensure alignment with international standards and security requirements.

The Section Manager also ensures that recommendations and reports submitted to different departments are followed up, and that the best international practices are applied in the field of penetration testing and vulnerability management.

Roles And Responsibilities

• Share requirements and needs to develop the information and cybersecurity action plan, and ensure alignment with the Authority's strategy
• Develop the operational plan of the Vulnerability Management and Testing Department and align it with the Information and Cyber Security Action Plan and the Strategic Plan for Analysis and Risk
• Implement plans and provide the necessary inputs to be able to achieve the objectives of the Gap Management and Testing Department, which supports the overall strategic objectives of the Authority.
• Discuss the budget requirements of the Division Management and Testing Gaps with senior management and provide input related to the budgeting process.
• Ensure optimal use of the Vulnerability Management and Testing Department's budget and provide an accurate report on progress and challenges encountered
• Validate initiatives and propose the implementation of those that achieve positive financial results for the Vulnerability Management and Testing Department and mitigate financial and operational risks.
• Lead the assessment of cybersecurity software to detect vulnerabilities and ensure proper communication to secure an effective and timely solution
• Monitor penetration testing activities to discover results and ensure proper communication to secure an effective and timely solution
• Oversee the implementation of the reform plan to identify discovered issues and ensure proper assessment of the current technology infrastructure
• Developing, developing, and updating penetration testing and vulnerability management policies and procedures in collaboration with the cybersecurity team and relevant departments.
• Manage sophisticated tools and techniques to detect and exploit vulnerabilities in the IT system from the attacker's point of view.
• Manage and supervise penetration testing activities to assess security effectiveness
• Document, categorize, and report and make recommendations on penetration test results, identified gaps, actions taken, potential impacts, and corrective and preventive actions.
• Applying international best practices and standards in the field of penetration testing and vulnerability management.
• Assess, classify, and approve change requests received from different departments and ensure that they comply with security standards and requirements.
• Identify and allocate resources, timelines, and responsibilities to implement changes in an orderly and effective manner.
• Monitor and track the status of changes and resolve issues and risks that may occur during the change process.
• Participate in the identification and recruitment of key talent
• Guidance, guidance, and support of direct reports to carry out tasks according to defined processes and policies
• Develop individual performance goals, provide support, evaluate the team, and provide feedback on performance on an ongoing basis
• Creating a high-performance work environment and promoting the values of the Authority

Qualifications And Job Requirements

• 6 years of optimal industry experience (required).
• A bachelor's degree in computer science or cybersecurity, or equivalent, is required.
• A Master's degree in Cybersecurity, or equivalent, is preferred.
• Professional certifications in cybersecurity (preferred).

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

The SOC L1 team plays a critical role in maintaining the security posture of an organization and protecting it from cyber threats.

Duties and Responsibilities:

• Performing initial analysis on true positive alerts to determine root cause and impact.
• Undertake first stages of false positive and false negative analysis.
• Generate weekly reports from SIEM platform and send it to L2 SOC analysts for review
• Track and update incidents and requests based on client’s updates and analysis results
• Escalate validated and confirmed incidents as per escalation procedures.
• Collection of necessary logs that could help in the incident containment and security investigation
• Acknowledge, analyze and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
• Acknowledge, analyze and validate incidents triggered from correlated events through SIEM solution.
• Other duties related to the position

• Bachelor's degree in Cyber Security, Computer Science, or any IT-related field
• 0-2 years of experience, fresh graduates are welcome to apply

Minimum two of the below Certificates:

• Security+
• CEH
• eLearnSecurity Certified Incident Responder
• EC-Council Certified Security Analyst

Cipher | سايڤر is a cybersecurity solutions provider based in Riyadh, Saudi Arabia. The company's goal is to simplify the perception of complexity surrounding cybersecurity problems and solutions. Cipher's team of Saudi professionals and experts work tirelessly to develop, customize, and manage digital services and cybersecurity solutions to ensure their peace of mind. Our goal is to provide peace of mind to our clients by making digital security simple and efficient.

Key Responsibilities:

• Engage with clients to define the scope and objectives of penetration tests, including systems, applications, and environments to be assessed.
• Plan, design, and execute manual penetration tests across web applications, mobile applications, APIs, cloud services, and enterprise infrastructure.
• Perform advanced security assessments such as source code reviews, business logic testing, and red team/adversary simulations.
• Conduct onsite and remote testing to identify vulnerabilities, misconfigurations, and gaps in defensive controls.
• Simulate real-world attacks to evaluate the effectiveness of detection, prevention, and response mechanisms.
• Document and communicate findings in detailed technical reports with clear risk ratings, business impact analysis, and actionable remediation steps.
• Present results and recommendations to both technical and executive-level stakeholders.
• Provide strategic security advice to clients on hardening systems, reducing attack surface, and improving detection and response.
• Continuously update knowledge of emerging threats, vulnerabilities, tools, and penetration testing methodologies (e.g., OWASP, MITRE ATT&CK).

Educational Requirements:

Bachelor's degree of Computer Science, Cybersecurity, Information Technology, or a related field.

Certifications:

Preferred Certifications:

• OSCP (Offensive Security Certified Professional)
• eWPTX (eLearnSecurity Web Application Penetration Tester eXtreme)
• CRTP (Certified Red Team Professional)
• Additional relevant certifications such as OSWE, OSEP, GXPN, CREST CRT, or equivalent.

Required Skills & Competencies:

• Strong hands-on experience in penetration testing of web, mobile, cloud, and infrastructure environments.
• Expertise in manual vulnerability discovery and exploitation (excluding exploit development).
• Experience conducting detailed source code reviews to identify security weaknesses.
• Familiarity with red team frameworks, adversary simulation techniques, and threat modeling.
• Proficiency in scripting and automation (e.g., Python, PowerShell, Bash).
• Strong analytical and problem-solving skills, with the ability to evaluate complex systems.
• In-depth understanding of technical systems, application architectures, and common attack vectors.
• Excellent written and verbal communication skills for delivering clear reports and executive presentations.
• Ability to translate technical findings into meaningful business risk insights.

Perform penetration tests and vulnerability assessments to identify, exploit, and help remediate security weaknesses in the organization's IT environment. Deliver clear, actionable results for technical and non-technical audiences.

Key Responsibilities:

• Conduct regular penetration tests (internal/external, web, network, applications) and vulnerability assessments.

• Identify attack paths and prioritize exploitable weaknesses while ensuring service continuity.

• Produce clear, actionable reports for technical teams and leadership.

• Develop and test incident response playbooks and remediation guidance.

• Use SIEM and log analysis to support testing and post-exploit investigations.

• Support SOC operations and continuous monitoring activities.

• Run periodic IDS/IPS and detection-control tests and update response procedures.

• Collaborate with IT teams to validate fixes and improve defenses.

• Maintain thorough documentation of tests, findings, and remediation steps.

• Stay current with global threat developments and adjust testing methodologies accordingly.

Minimum Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or related field.

• 3–4 years' experience in penetration testing, red teaming, or offensive security.

Preferred Certifications:

• eJPT

• OSCP

• CEH

or equivalent.

Company Overview:

Advanced technology and cybersecurity company (sirar) established by stc, the region's ICT and digital services provider, sirar by stc is a cutting-edge cybersecurity provider that empowers organization to take control of their cyber capabilities and digital environments.

As experts in business security and privacy.

We offer a comprehensive range of solutions that help you to operate online safely, securely, and efficiently. The tools we provide help organizations detect and prevent cybersecurity attacks, safeguard their digital future, and provide protection and security from that point forward.

Key Responsibilities:

• Identifies methods that attackers could use to exploit system and network vulnerabilities.
• Mimics malicious social engineering techniques that an attacker would use to attempt a system breach to uncover security gaps and vulnerabilities.
• Gathers information about network topography and usage through technical analysis and open-source research and document findings.
• Uses security testing and code scanning tools to conduct code reviews.
• Recommends security controls to mitigate risks identified through testing and review.
• Conducts required reviews, including reviews of defensive measures, according to the organization's policies.
• Conducts authorized penetration testing of infrastructure and assets.
• Performs technical and nontechnical risk and vulnerability assessments of organizational technology environments.
• Maintains a deployable cyber defense audit toolkit based on industry best practice to support cyber defense audits.
• Tests for vulnerabilities in web applications, client applications and standard applications.
• Conducts physical security assessments of servers, systems, and network devices.
• Reports penetration testing and vulnerability assessment findings including risk level, proposed mitigation, and details necessary to reproduce the test results.
• Explains business impact of vulnerabilities identified through testing to make case for addressing them.
• Presents test findings, risks, and conclusions to technical and non-technical audiences.
• Designs simulated attacks to reflect impact in the organization's business and its users.
• Supports in collaborating with cybersecurity vendors to drive innovation in Penetration Testing services development and manage overall Penetration Testing service lifecycle.
• Supports in leading the implementation of go-to-market and roadmap for Penetration Testing services solutions & tools.
• Supports in developing Penetration Testing Services' lifecycle end-to-end, including Ideation, feasibility analysis, planning, sourcing, business case, toolkits and operating models design, commercialization, launch, performance management, and retirement, in collaboration with other Advisory sections.
• Contributes to the overall success of the company by performing all other duties and responsibilities as assigned by line manager.

Qualification:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related discipline.

Professional Certificate:

• Offensive Security (OSCP, OSWP, OSWE, OSEP, etc)
• GIAC (GXPN, GCPN, GAWN, GPYC, etc)
• Pen tester Academy (Red Team Expert)

Years of Experience:

• 3 – 5 years in relevant experience

Skills:

• Advance proficiency in conducting vulnerability scans and determine vulnerabilities from the results.
• Intermediate proficiency in conducting penetration testing in line with the organization's policies and best practice.
• Advance proficiency in developing insights about an organization's threat environment.
• Advance proficiency in analyzing vulnerability and configuration data to identify cybersecurity issues
• Advance proficiency in mimicking threat behaviors.
• Intermediate proficiency in implementing adversary Tactics, Techniques and Procedures.
• Basic proficiency in service development.
• Basic proficiency in user experience knowledge.
• Basic proficiency in recognizing industry trends & KPIs