151 Database Security jobs in Saudi Arabia

We are thrilled to announce an opportunity for a skilled Information Security Engineer to join our team and play a role in enhancing our security measures by utilizing your abilities and deep knowledge of information security methodologies. Paying attention to details and efficiently solving problems will be crucial in ensuring the safety of Tabby's systems.

The role you will be involved in both operations and important implementation projects contributing to the growth and maintenance of our technology infrastructure. If you have a passion for cybersecurity, possess technical skills and aspire to make a significant impact we strongly encourage you to apply and become an essential part of our dedicated cybersecurity team.

• Cloud Security: Have a good understanding of cloud services such as Google Cloud
• Provide (GCP), Terraform, CI-CD Security, Kubernetes Security,Gitlab, Product security features and fixes.
• Penetration Testing: Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for Web, Mobile, and API applications. Plan and conduct Infrastructure Vulnerability Assessment and Penetration Testing of systems,
  
  switches, servers, and more.
• End-Point Protection: Exhibit expertise in planning, implementing, and managing enterprise-level Anti-Virus (AV) solutions to safeguard against malware, viruses, and other malicious threats.
• Infrastructure Security: Review the complete corporate IT infrastructure's security, including network security controls, anti-malware implementation, Cloud Security posture.
• Management (CPM), Data Loss Prevention (DLP), firewall rulesets, backup and disaster
  
  recovery, and vulnerability management processes.
• Project Management: Work across various product and engineering teams to prioritize security features and bugs, and ensure implementation and mitigation.Work with DevOps and other teams to implement and improve security controls and/or processes.
• Security Awareness: Experience in conducting phishing simulations and other awareness exercises to evaluate employee susceptibility to social engineering and provide targeted training to enhance resilience.
• Security Monitoring: Automation and improvement of Incident Response procedures, playbook creation to reduce manual effort of responding to typical cyber incidents along with monitoring of threats and vulnerabilities or conducts regular threat intelligence.
• Research and develop detection rules utilizing an array of tools.

• Degree in Information Technology, Computer Science, Software Engineering, or related field
• Knowledge of Information Technology security issues and approaches to manage
• Information Technology security with a fast paced Fintech environment.
• Security Qualification Good to have: CEH, CompTia Security, etc
• Excellent communication, influencing and stakeholder management skills
• 2-3 Experience of working across teams to deliver solutions and generate high levels of
• internal buy-in
• Experience of developing and delivering training.
• Experience of working in a culturally diverse environment
• Knowledge of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.
• Programming and scripting understanding (Bash, Python etc.)
• Good Cloud experience with and appreciation of AWS, GCP & OCI.

Tabby creates financial freedom in the way people shop, earn and save, by reshaping their relationship with money.

The company's flagship offering allows shoppers to split their payments online and in-store with no interest or fees. Over 32,000 global brands and small businesses, including Amazon, Noon, IKEA and Shein use Tabby to accelerate growth and gain loyal customers by offering easy and flexible payments online and in stores.

Tabby has generated over $7 billion in transaction volume for its partner brands and has the highest rated, most reviewed, largest and fastest growing app of any fintech in the GCC region.

Tabby launched operations in 2020 and has raised +$1 billion in equity and debt funding from global and regional investors.

We are looking for an Information Security Engineer L2 to strengthen our cybersecurity team. If you have the skills and experience, we welcome your application

Requirements:

• Bachelor's degree in computer science or related field
• Minimum of 5 years of experience in cybersecurity
• eJPT Certified
• CCNA Certified
• Additional industry certifications such as CISSP, CISA, and CEH are a plus
• Hands-on experience with security technologies including IAM, PAM, Mail Security, Antivirus, Advanced Threat Protection, SSL, VPN, NAC, WAF, and more
• Strong problem-solving and analytical skills
• Excellent communication skills and ability to work within a team
• Ability to work independently with minimal supervision

Responsibilities:

• Manage, maintain, and upgrade Identity and Access Management (IAM) systems, performing all operational tasks according to best practices to ensure system availability and regular updates
• Manage, maintain, develop, and upgrade server permissions and PAM systems, performing all operational tasks according to best practices to ensure system availability and regular updates
• Conduct regular and on-demand security scans and assessments on systems

We're currently looking for a skilled and motivated Information Security Engineer (Level 2) to join our cybersecurity team. If you meet the qualifications below and have a passion for protecting digital environments, we encourage you to apply.

Requirements:

• Bachelor's degree in computer science or a related field.
• Minimum of 5 years of hands-on experience in cybersecurity.
• eJPT and CCNA certifications are required.
• Additional certifications such as CISSP, CISA, or CEH are a strong plus.
• Practical experience with a wide range of security technologies, including:
• IAM, PAM, Mail Security, Antivirus, Advanced Threat Protection, SSL, VPN, NAC, WAF, etc.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal abilities.
• Ability to work independently and collaboratively within a team.

Key Responsibilities:

• Manage, maintain, upgrade, and enhance the Data Loss Prevention (DLP) system, ensuring high availability and regular updates based on best practices.
• Administer and improve the Email Security system, ensuring continuous protection and operational excellence.
• Operate, maintain, and upgrade the Antivirus (AV) system to ensure comprehensive endpoint protection and compliance with standards.
• Conduct regular and on-demand security scans and assessments for targeted systems.

Department:
InfoSec Monitoring

Employment Type:
Full Time

Location:
KSA

Reporting To:
Weam Munshi

Description
We're looking for an experienced and proactive
Senior Information Security Engineer
to serve as a senior member of our cybersecurity operations team. You'll lead complex investigations, shape our detection capabilities, and provide strategic input into incident response and threat management. As a technical authority in the SOC, you'll mentor junior analysts, collaborate across teams, and help drive continuous improvement in our security posture.

Key Responsibilities

Advanced Threat Detection & Monitoring

• Lead the analysis and triage of high-fidelity alerts and complex event correlations across firewalls, IDS/IPS, endpoints, servers, and cloud platforms.
• Identify and investigate sophisticated threats, advanced persistent threats (APTs), and anomalous behavior patterns.
• Continuously refine detection logic, SIEM rules, and alerting thresholds to optimize SOC effectiveness.
• Design and maintain operational dashboards and KPIs to track security trends and SOC performance.

Incident Response & Forensics

• Act as the primary incident commander for major security incidents, coordinating technical response and stakeholder communication.
• Conduct root cause analysis, full-scope investigations, and forensic analysis using endpoint and network-based artifacts.
• Drive post-incident reviews and deliver actionable recommendations to reduce future risk.
• Oversee incident documentation quality and ensure consistency in reporting and knowledge transfer.

Detection Engineering & Threat Intelligence

• Research and operationalize threat intelligence into custom detection rules, threat hunting queries, and playbooks.
• Develop and tune detection use cases aligned with MITRE ATT&CK and evolving threat actor techniques.
• Contribute to the development and enhancement of SOAR workflows and automation to improve SOC efficiency.

Vulnerability & Risk Management

• Collaborate with infrastructure and DevOps teams to assess and prioritize vulnerabilities in context with threat intelligence.
• Support patch validation and track remediation efforts for critical exposures.
• Guide vulnerability lifecycle processes, ensuring risks are addressed in a timely and measurable way.

Collaboration & Mentorship

• Serve as a technical mentor and escalation point for Tier 1 and Tier 2 SOC analysts.
• Lead training initiatives and tabletop exercises to strengthen SOC readiness and maturity.
• Work closely with IT, Engineering, Compliance, and Risk teams to ensure alignment during investigations and threat mitigation efforts.
• Communicate clearly and effectively with stakeholders, including drafting concise executive summaries during major incidents.

Skills, Knowledge and Expertise

• 3–5+ years of hands-on experience in a SOC or cybersecurity operations role, including incident handling and threat detection.
• Deep understanding of security operations, threat hunting, attack vectors, and cyber kill chains.
• Proven expertise in log analysis, endpoint telemetry, and cloud-native security tools (e.g., AWS CloudTrail, Azure Sentinel).
• Strong scripting experience (e.g., Python, PowerShell) for automation and detection engineering.
• Experience with SIEMs (e.g., Splunk, Elastic, Sentinel), SOAR platforms, EDR/XDR tools, and Threat Intelligence platforms.
• Familiarity with DevSecOps, APIs, microservices, and modern application architectures.
• Security certifications such as GCIA, GCIH, CySA+, or equivalent (preferred).
• Clear and confident communicator with the ability to lead during high-pressure situations and present findings to technical and non-technical audiences.

About the Role

We are seeking a highly experienced
Cybersecurity Manager
with a proven track record in
Governance, Risk & Compliance (GRC)
,
Network Security
, and
Infrastructure Security
. The ideal candidate will have extensive experience working with
System Integrators
, driving complex security projects, and ensuring robust cybersecurity frameworks across enterprise environments.

Key Responsibilities

• Lead and manage cybersecurity initiatives focusing on
  GRC, Network, and Infrastructure security domains
  .
• Design, implement, and oversee cybersecurity strategies and frameworks in line with international standards and regulatory requirements.
• Work closely with clients, stakeholders, and technology teams to deliver end-to-end security solutions.
• Ensure security compliance across critical systems, networks, and infrastructures.
• Drive risk assessments, audits, and remediation strategies.
• Provide leadership, mentorship, and guidance to security teams.

Requirements

• Minimum
  15 years of experience
  in cybersecurity with a strong managerial background.
• Expertise in
  Governance, Risk & Compliance (GRC)
  ,
  Network Security
  , and
  Infrastructure Security
  .
• Proven
  System Integrator experience
  in delivering large-scale cybersecurity projects.
• Strong domain knowledge in
  Airlines, Transport, or Tourism sectors
  (preferred).
• Excellent communication skills in
  Arabic and English
  .
• Relevant certifications (CISSP, CISM, CISA, ISO 27001 Lead Implementer, etc.) are highly desirable.

Location

Jeddah, Saudi Arabia

Experience

4

Job Type

Recruitment

Job Description

• The responsibility of this role is to oversee and ensure the establishment of a cybersecurity and IT risk management program across the client, and to act as the focal point for cybersecurity and IT risk governance activities.
• Responsible for the design, management and review of Client's cybersecurity and IT risk management policies, standards, and baselines to ensure secure operation of Client information & systems.
• Conduct both network and user activity audits where required to determine security needs.
• Providing guidance and required training on matters relating to cybersecurity, ensuring the implementation of necessary actions to adhere to applicable laws/regulations, standards, and guidelines.

Responsibilities -

Network Administration and Security

• Manage protection of information systems, the detection of threats to Client's systems, and the response to detected threats and cyber-attacks.
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Protects system by defining access privileges, control structures, and resources.

Performance Monitoring-

• Manage and Troubleshoot network systems issues and submit recommendations for improvements in network operation and management.
• Plan for disaster recovery and create contingency plans in the event of any security breaches
• Engage in and manage 'ethical hacking', for example, simulating security breaches
• Identify potential weaknesses and implement measures, such as firewalls and encryption

Vendor Management-

• Coordinate with vendors to expedite the resolution of problems.
• Evaluate vendor solutions to ensure compliance with requirements and cost effectiveness.

Service Management-

• Act as an escalation point for all requests and incidents related to the network.
• Follow up on issues and provide subject matter expertise support for diagnosing and resolving problems.

Firewall Management (On-Premise and Cloud)-

• Oversee configuration, monitoring, and maintenance of on-premises and cloud-based firewalls, ensuring they are optimized to prevent unauthorized access and detect potential threats.
• Define and implement firewall rules and policies, including access controls, to secure network traffic according to organizational and compliance standards.
• Conduct regular audits and vulnerability assessments on firewalls to identify and mitigate any potential security weaknesses.
• Collaborate with network and system teams to troubleshoot and resolve firewall-related issues while minimizing downtime and disruption.

Cloud Security Management (Defender for Cloud)-

• Configure, manage, and optimize Microsoft Defender for Cloud settings to enhance security posture across cloud resources, including VMs, databases, and storage accounts.
• Develop and enforce security policies within Defender for Cloud to monitor and mitigate risks associated with cloud infrastructure, applications, and data.

Network Security-

• Design, implement, and maintain secure network architecture, incorporating firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network segmentation strategies.
• Conduct network traffic analysis and continuous monitoring to identify anomalies or suspicious activities that may indicate potential security threats.

Threat Monitoring and Incident Response-

• Implement and oversee threat monitoring processes using security information and event management (SIEM) systems, integrating data from firewalls, Defender for Cloud, and network devices.
• Develop and execute incident response protocols for network, firewall, and cloud security incidents, minimizing impact through quick containment, analysis, and remediation.
• Perform post-incident analysis and reporting to identify root causes, improve firewall configurations, and update security policies as needed.

Compliance and Documentation-

• Ensure firewall, network, and cloud security policies comply with relevant regulations and industry standards (e.g., NIST, ISO
• Maintain documentation for all security configurations, procedures, and policies to facilitate audits and enhance knowledge sharing across IT teams.
• Conduct regular security assessments, risk analyses, and penetration tests on cloud and onpremises systems to verify compliance and mitigate vulnerabilities.

Service Level Agreements (SLA)-

• Monitor production, outputs, and services to ensure that SLAs, and other quality metrics, are being met.
• Developing SLAs.

Education and Experience -

• A bachelor's degree in IT and a master's degree is desirable, Min 4 years of experience
• Advanced certifications such as SANS GIAC/GCIA/GCIH and/or SIEM-specific training and certification
• Relevant certifications are an advantage (such as IAM Level I Security+ CE, CAP, CND, Cloud+, CSLC, CEH, CISM, CISSP, CASP, CCNA-Security)
• DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent)

Firewall and Network Security-

• Certifications like Checkpoint Certified Security Administrator (CCSA) or Palo Alto Networks Certified Network Security Engineer (PCNSE) show expertise in managing and configuring

firewall systems.

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), which provide a comprehensive understanding of security management

practices.

Network Security:

• CompTIA Network+ or Cisco Certified CyberOps Associate for foundational and advanced knowledge in networking security principles and operations.

Competencies

• Firewall Management: Proficiency with firewall technologies and platforms (e.g., Cisco ASA, Palo Alto, Checkpoint) for setting up, configuring, and maintaining firewalls on both on-premises and cloud platforms.
• Cloud Security Expertise: In-depth understanding of cloud environments, especially

Microsoft Azure, to manage and secure cloud services, implement Defender for Cloud policies, and perform risk assessments.

• Networking Knowledge: Strong grasp of network protocols, segmentation, VPNs, IDS/IPS, and secure configuration of network devices.
• Security Monitoring and Incident Response: Proficiency in using SIEM tools (e.g., Splunk,

Microsoft Sentinel for monitoring, alerting, and responding to cybersecurity incidents across firewall and cloud environments.

• Risk Assessment and Compliance: Ability to assess risk in IT systems and ensure compliance with standards like NIST, ISO 27001, and PCI DSS.

We are looking for a highly skilled and experienced Senior Information Security Engineer to join our team and help elevate our cybersecurity posture to the next level

Requirements:

• Bachelor's degree in computer science or a related field
• Minimum of 7 years of experience in the cybersecurity field
• eJPT and CCNA certifications
• Hands-on experience with security technologies including:
• IAM, PAM, Mail Security, Antivirus, Advanced Threat Protection, SSL, VPN, NAC, WAF, etc.
• Industry certifications such as CISSP, CISA, or CEH are a strong plus
• Strong problem-solving and analytical skills
• Excellent communication and interpersonal abilities
• Ability to work both independently and within a team environment

Key Responsibilities:

• Conduct penetration testing before the deployment of any change requests
• Perform regular and on-demand security scans and assessments on target systems
• Support the implementation and compliance with the National Cybersecurity Authority (NCA) controls
• Ensure protection of organizational data and system/application configurations against cybersecurity threats
• Guarantee the confidentiality, integrity, and availability of the organization's information
• Ensure web application security against cyber threats
• Contribute to Digital Forensics and Incident Response (DFIR)

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA
As an Information Security GRC Specialist at NTT DATA, your role will be to ensure that our clients' security infrastructures and systems remain operational. With a proactive approach, you'll monitor, identify, investigate, and resolve technical incidents and problems, restoring service efficiently. Your primary objective will be to handle client requests or tickets with technical expertise, ensuring they are resolved within the agreed service level agreement (SLA).

You'll actively manage work queues, perform operational tasks, and update tickets with resolution actions. By identifying issues and errors early on, you'll log incidents promptly and provide second-level support, communicating effectively with other teams and clients to extend support when needed. Your role includes executing changes responsibly, flagging risks and mitigation plans, and ensuring all changes have proper approvals.

Collaborative efforts are at the heart of this role. You'll work closely with automation teams to optimize efforts and automate routine tasks, ensuring seamless handovers during shift changes. Your analytical skills will be key in auditing incident and request tickets for quality, recommending improvements, and contributing to trend analysis reports to identify automation opportunities.

As a go-to for initial client escalations, you'll assist L1 Security Engineers with triage and troubleshooting, and support project work when required. Your contributions to the change management process will ensure thorough documentation, effective planning and execution of maintenance activities, and compliance with standard procedures.

To thrive in this role, you need to have:

• Experience with managed services handling security infrastructure and working knowledge of ticketing tools, preferably ServiceNow.
• Proficiency in active listening, with techniques like paraphrasing and probing for further information.
• Excellent planning skills, able to anticipate and adjust to changing circumstances.
• Strong ability to communicate and engage across different cultures and social groups.
• Adaptability to changing conditions and flexibility in approach.
• Client-focused mindset, always putting their needs and positive experience first.
• A positive outlook and the ability to work well under pressure.
• Willingness to put in longer hours when necessary.
• Bachelor's degree or equivalent qualification in IT/Computing, or relevant work experience.

Workplace type:
On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an

email address. If you suspect any fraudulent activity, please
contact us
.

Department:
InfoSec GRC

Employment Type:
Full Time

Location:
KSA

Reporting To:
Weam Munshi

Description
Reporting directly to the Head of Information Security, you will play a pivotal role in safeguarding Tweeq's information assets, managing risks, and driving the implementation of robust security frameworks in compliance with SAMA's guidelines.

Key Responsibilities

Compliance and Governance:

• Ensure adherence to SAMA requirements and standards.
• Develop, implement, and maintain information security policies, procedures, and guidelines.
• Monitor compliance with internal security policies and external regulatory requirements.

Risk Management:

• Conduct risk assessments and vulnerability analyses to identify and mitigate security threats.
• Develop and implement risk management strategies and controls.
• Monitor and report on the effectiveness of security measures.

Security Operations:

• Oversee the implementation and management of security tools and technologies.
• Coordinate with IT and other departments to ensure robust security measures are in place.
• Manage incident response and investigation processes.

Training and Awareness:

• Develop and deliver security awareness training programs.
• Promote a culture of security awareness within the organization.

Project Involvement:

• Participate in projects, including the onboarding and implementation of new systems, such as GRC tools.
• Attend workshops and contribute to the integration of security requirements into new projects.

Reporting and Documentation:

• Prepare regular reports on the status of information security programs.
• Maintain documentation related to security policies, procedures, and incidents.

Skills, Knowledge & Expertise

• Proven experience in information security.
• Strong knowledge of SAMA requirements and standards.
• Experience with governance, risk management, and compliance (GRC) tools such as Archer and Cyber Arrow is preferred.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work in a fast-paced, dynamic environment.
• Passionate about learning and career development.