256 Information Security jobs in Saudi Arabia

Arthur Lawrence is urgently looking for a Penetration Tester for a client in Riyadh, KSA. Kindly review the job requirements below. Your immediate application will enable us to place you successfully.

• 3+ years of solid background in Penetration testing (Grey Box/Black Box) in the banking industry
• Experience with OWASP Top 10 for web and mobile applications, basic coding skills required for vulnerability remediation
• Proficiency with penetration testing tools and operating systems (Parrot, Kali Linux, BurpSuite, Nessus, Qualys, OpenVAS)
• Ability to produce penetration testing reports, including proof-of-concept scripts, exploit steps, and mitigation recommendations
• Offensive Security or SANS certifications (OSCP, OSEP, OSWE) required

• Bachelor’s degree in Information Technology or a related field

• Winner of Entrepreneur 360 Award (2019).
• IAOP Award; ranked in the top 100 internationally.
• Arthur Lawrence ranked within the Inc 5000 twice in 2016 and 2017 as one of the fastest-growing companies in America.
• Named one of the top ten fastest-growing businesses in Houston in 2016.
• Ranked 25th in the HBJ's Fast 100 Private Companies Award in 2017.

ASMO is a groundbreaking joint venture between DHL and Saudi Aramco. Inheriting DHL’s logistics excellence and Saudi Aramco’s extensive supply chain ecosystem, we are here to set a new benchmark and redefine the procurement and supply chain landscape, enabling growth.

ASMO aims to be operational in 2025 and provide reliable end-to-end integrated procurement and supply chain services for companies across the industrial, energy, chemical, and petrochemical sectors. Our focus customers in the short term will be Saudi Aramco and its Affiliates. In the long term, all the industrial sectors within Saudi Arabia aim to reach the MENA region.

Objective:

The role holder is responsible for defining and implementing a comprehensive security architecture framework to protect the organization systems, networks and data. It encompasses the identification of required cybersecurity controls and governing documents to ensure the confidentially, integrity and availability of technology and data assets.

General Responsibilities:

• Review as-is and to-be security architect and develop security roadmaps.
• Assess current technology environment, including applications, cloud, database and network, to identify deficiencies and recommend solutions.
• Stay up to date with emerging security technologies and trends and apply them where appropriate.
• Build cybersecurity architecture for ASMO in alignment to SABSA standards, local regulations, and best practises.
• Build hybrid cloud security architecture in alignment to ASMO business requirements.
• Develop security architecture design patterns to ensure consistency of security architecture throughout the environment.
• Define new security architecture patterns for advanced technologies.
• Assess the maturity of Cybersecurity capabilities against industry standards such as NIST Cybersecurity Framework (NIST CSF), ISO, 800-53/171, etc.
• Assess the security architect of technology projects, identify security requirements and ensures alignment with corporate security policies and best practices.
• Provide project consultation and evaluate security architecture and risks of proposed solutions, including vendor products & services, and recommend alternative solutions or compensating controls.
• Identify gaps in the current project’s security design, cybersecurity reference architecture, architecture design patterns and recommend security enhancements.
• Liaise with key stakeholders from the technology function to gather inputs on the various applications to develop the required security controls.
• Ensure systems are build according to cybersecurity standards and security architecture patterns.
• Contribute to the identification of opportunities for the continuous improvement of systems, processes, and practices to enhance productivity and cybersecurity capabilities maturity.
• Develop and implement all relevant policies, processes, procedures and instructions so that work is carried out in a controlled and consistent manner.
• Contribute to the preparation of timely and accurate cybersecurity reports to meet departmental requirements, policies, and standards.

Qualifications:

• Bachelor’s degree in computer science, cybersecurity, computer engineering, or information technology preferred, or other related fields from a recognized and accredited university.
• Below certifications are preferred:

o SABSA Certification

o Certified Info Sys Security Professional (CISSP)

o Certified Information Security Manager (CISM)

o Certified Information Security Auditor (CISA)

• Demonstrated proficiency in oral and written English.
• Minimum of 9 years’ experience in a similar role.
• Experience in IT Security or Cybersecurity Architecture.

Core Competency:

• Proven experience as an Enterprise Security Architect.
• Excellent working knowledge of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level
• A background in at least two general security practices: cloud security in AWS/Azure/OCI, application/API security, firewalls, IDS/IPS, sandboxing, threat intelligence, vulnerability assessment and mitigation, SIEM, auditing, encryption, data loss prevention, threat intelligence, SASE, Zero-trust network access solutions, mobile application/system security.

We are seeking a strategic and experienced Chief Information Security Officer to lead and evolve our client organization’s cybersecurity program. This senior leadership role is responsible for setting the direction of cybersecurity initiatives, managing risk, ensuring regulatory compliance, and aligning security efforts with overall business goals.

Key Responsibilities:

• Define and implement a robust cybersecurity strategy
• Lead risk management, incident response, and disaster recovery efforts
• Oversee cybersecurity operations, including budgeting and staffing
• Engage with leadership, regulators, and vendors on security matters
• Promote cybersecurity awareness across the organization
• Monitor and report on emerging threats and compliance status

Qualifications:

• Proven leadership in enterprise-level cybersecurity
• Deep understanding of cyber threats, controls, and regulatory requirements
• Strong strategic communication and stakeholder management skills
• Expertise in risk assessment, incident handling, and security frameworks
• Familiarity with international cybersecurity standards and best practices
• Must be fluent in Arabic

Company Description

IT Security C&T is an innovative, fast-growing security consulting and training company. Our management team combined with our consultants and engineers work together to deliver comprehensive security solutions to our customers around the MENA region.

IT Security C&T is continuously expanding its team of qualified professionals for a wide range of opportunities. Interested candidates are required to apply via our Career webpage on our website (

• Develop and maintain cybersecurity governance, risk management, and compliance frameworks, strategies, and practices.
• Collaborate with cross-functional teams to identify and assess cybersecurity risks and vulnerabilities.
• Conduct regular security assessments, risk assessments, and gap analyses to ensure compliance with industry standards, regulations, and best practices.
• Provide expert guidance in the development of policies, procedures, and controls to mitigate cybersecurity risks.
• Review and analyze security controls, processes, and technologies to identify and address any gaps or weaknesses.
• Monitor and evaluate emerging cyber threats and vulnerabilities and recommend appropriate mitigation strategies.
• Stay abreast of changes in regulatory requirements, industry standards, and cybersecurity best practices to ensure ongoing compliance.
• Act as a subject matter expert and provide guidance to stakeholders, including management, on cybersecurity governance, risk management, and compliance matters.
• Conduct cybersecurity awareness and training programs for employees to promote a culture of security and compliance.
• Assist with incident response, investigations, and the recovery process, ensuring appropriate actions are taken to address and mitigate any security incidents.

• Bachelor’s degree in computer science, Information Technology, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
• Minimum 1-2 years of Cybersecurity GRC Consultant experience
• Proven experience as a Cybersecurity GRC Consultant or in a similar role, with a strong focus on governance, risk management, and compliance.
• In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, GDPR) and their practical implementation.
• Familiarity with security controls, technologies, and best practices across various domains, such as network security, application security, and data protection.
• Strong analytical and problem-solving skills, with the ability to assess risks, identify vulnerabilities, and develop effective mitigation strategies.
• Excellent communication and presentation skills, with the ability to convey complex cybersecurity concepts to stakeholders at all levels.
• Strong understanding of regulatory requirements relevant to National Cybersecurity Authority.
• Demonstrated commitment to ongoing professional development in the field of cybersecurity.
• Native Arabic speaker and professional in English language.

As a Senior Pre-Sales Consultant you will play a critical role in the sales process by acting as a trusted technical advisor for enterprise customers. This role involves delivering high-impact demonstrations, supporting RFx responses, crafting technical proposals, and designing tailored cybersecurity solutions.

What You'll Do :

1. Technical Sales Support & Customer Engagement

• Deliver clear, compelling demos and technical presentations that bring our cybersecurity solutions to life.
• Lead PoV projects, helping prospects experience firsthand how COGNNA can solve their toughest security challenges.
• Understand each customer's pain points and propose solutions that are both impactful and practical.
• Support the sales team in closing strategic deals by providing the technical edge that sets us apart.

2. RFx & Proposal Development

3. Solution Design & Architecture

4. Competitive Intelligence & Industry Expertise

5. Collaboration & Internal Alignment

Monday, 25 August 2025, 2 Rabia Al Awal 1447

Apply by

Monday, 01 September 2025, 9 Rabia Al Awal 1447

Location

Riyadh

Department/Section

Admin Section - Information Security Department

Responsible for executing and maintaining the operational components of the Organization's security strategy to create a secure, efficient, and effective technology environment. This role ensures a secure information environment that protects all Organization data.

1. Assist in implementing cybersecurity methodologies, procedures, and tools of the Information Security Management Division.
2. Assist in drafting information security policies across the Organization in accordance with the laws and regulations of the Kingdom of Saudi Arabia.
3. Assist in building and maintaining a catalog of available security services aligned with security policy and compliant with industry standards such as ISO 27001.
4. Support periodic assessments to evaluate how well security services meet business objectives and determine if some services should be decommissioned or new services added.
5. Issue NCA and CVE bulletins to stakeholders and provide advice and guidance to the remediation team.
6. Conduct regular reviews of security services quality.
7. Participate in planning, executing, and reporting security audits and network vulnerability assessments with minimal supervision.

Requirements: One (1) year of related experience with a Master’s degree, or three (3) years with a Bachelor’s degree.

About Tibah:

Tibah Airports Operation Company manages and operates Prince Mohammed Bin Abdulaziz International Airport in Madinah as the first private company to manage and operate an airport in Saudi Arabia. Tibah has been operating Madinah Airport 24/7 since mid-2012, serving more than 10 million passengers per year.

Prince Mohammed Bin Abdulaziz International Airport is the gateway to Madinah where millions of passengers and pilgrims use our terminals year-round to connect with people and places around the world. Tibah is committed to providing the best airport services that meet global standards and cater to the diverse needs of its customers.

Job Purpose:

This role is designated to lead the cybersecurity strategy and related practices for the business, as well as to liaise between the airport stakeholders for the technology infrastructure-related issues.

Main Duties and Responsibilities:

• Develop, implement, and maintain the organization’s cybersecurity strategy, policies, and procedures.
• Lead and manage the Cybersecurity team, providing direction, mentoring, and performance management.
• Oversee security operations, including threat detection, incident response, vulnerability management
• Ensure compliance with NCA and other relevant regulations and frameworks.
• Manage relationships with external security vendors, auditors, and regulators.
• Conduct regular risk assessments and gap analyses, identify vulnerabilities, and recommend solutions.
• Collaborate with IT, OT, and business units to ensure security is integrated into all projects and operations.
• Promote cybersecurity awareness and training programs for employees at all levels.
• Develop and test business continuity and disaster recovery plans.
• Prepare and deliver cybersecurity reports and KPIs to senior management and the board.

Qualifications, Experience & Skills:

• Bachelor’s degree in information security, computer science, IT, or related field (master’s preferred).
• Professional certifications such as CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor are highly desirable
• Proven experience (5–10 years) in cybersecurity, with at least 3 years in a leadership or managerial role.
• Extensive knowledge of security frameworks (NCA, ISO 27001, NIST, ITIL, etc.) and regulatory requirements.
• Practical experience with SIEM, IDS/IPS, firewalls, endpoint security, and cloud security.
• Excellent understanding of risk management, incident response, and business continuity.
• Strong leadership, communication, and stakeholder management skills.

• Help identify and contain risks related to information management, and foster a compliance culture
• Provide expert recommendations and solutions to complex cybersecurity and data governance challenges
• Conduct cybersecurity risk assessments to identify, prioritize, and mitigate organization-wide risks
• Coordinate the development and continuous improvement of cybersecurity and data governance procedures
• Lead response and resolution of business and technical cybersecurity issues across functions
• Lead advanced threat modeling, vulnerability management, and security architecture assessments
• Define and govern data classification, access controls, and lifecycle policies
• Lead enterprise risk assessments, mitigation strategies, and cybersecurity audits
  
  

• Minimum Experience:
  
  

• Competencies (Knowledge, Skills & Abilities):
  
  

Get AI-powered advice on this job and more exclusive features.

Founded in 2003 and headquartered in Singapore, Group-IB is a leading creator of cybersecurity

technologies to investigate, prevent, and fight digital crime. Combating cybercrime is in the company’s DNA, shaping its technological capabilities to defend businesses, and citizens, and support law enforcement operations.

Group-IB’s Digital Crime Resistance Centers (DCRCs) are located in the Middle East, Europe, Central Asia, and Asia-Pacific to help critically analyze and promptly mitigate regional and country-specific threats. These mission-critical units help Group-IB strengthen its contribution to global cybercrime prevention and continually expand its threat-hunting capabilities.

Each of us can help make the world a safer place. Join us!

ABOUT THE ROLE:

This is a high-impact, hands-on role that puts you on the front lines of some of the most challenging incident response and threat hunting engagements. You’ll work across diverse industries, confronting real-world cyber threats and helping clients recover from complex incidents. Your expertise will directly shape outcomes, protect critical infrastructure, and contribute to a safer digital environment.

This role is ideal for professionals eager to sharpen their DFIR skills while operating in fast-paced, high-stakes environments.

YOUR MISSION

• Conduct root cause analysis to determine the initial attack vector in security incidents.
• Lead incident response engagements, including containment, eradication, and recovery guidance.
• Acquire and analyze disk and memory forensic images, as well as perform triage analysis.
• Recover deleted data, trace file execution, and validate indicators of compromise (IOCs).
• Develop attack hypotheses using adversary TTPs mapped to the MITRE ATT&CK framework.
• Prepare and deliver clear, actionable reports and findings to both technical and non-technical stakeholders.
• Maintain composure and communicate effectively in high-pressure, time-sensitive incidents.

WHAT SUCCESS LOOKS LIKE:

• Minimum first hands-on experience in Digital Forensics and Incident Response.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or equivalent professional experience.
• Proficiency in analyzing forensic artifacts such as:
• Windows registry
• Master File Table (MFT)
• Prefetch files
• Shellbags
• Experience working with EDR platforms and SIEM solutions.
• Strong understanding of attacker methodologies, MITRE ATT&CK, and the intrusion kill chain.

Additional requirements:

• Strong problem-solving mindset and attention to detail.
• Ability to remain calm under pressure during active incidents.
• One or more of the following: GCFA, GCIH, GNFA, GCFE, CHFI, GCFR, OSCP, or similar.

OUR WORK ENVIRONMENT & CULTURE:

At Group-IB, we believe that employee happiness is fundamental to success. We foster a supportive, inclusive, and dynamic workplace where every team member is empowered to grow. Whether you’re aiming to deepen your expertise, step into leadership, explore new departments, or take your career abroad, we provide diverse opportunities for professional development.

Our team is made up of specialists from around the world who bring deep international expertise and thrive on solving complex challenges. You’ll be working with cutting-edge technologies recognized globally by Gartner, IDC, and Forrester, and contributing to projects that span across 60 countries alongside 450+ partners and 500+ clients.

We take pride in our multicultural, values-driven culture—where mutual respect, collaboration, and shared goals unite us across borders. And with Group-IB’s continued global growth and financial stability, your career trajectory here can accelerate faster than in most traditional environments.

WHAT DO WE OFFER :

• Flexible Work Schedule
• We don’t believe in fixed hours—what matters is impact, not time spent. You have the freedom to design your own workday in a way that drives results and balance.
• Your well-being comes first. We offer health insurance to support you when it matters most.
• Certifications & Continuous Learning
• Our team holds over 1,000 globally recognized certifications, including CEH, CISSP, OSCP, and more. Through our incentive program, we cover the cost of professional development—because your growth fuels our innovation.
• From soft skills development to advanced technical training, a wide range of internal programs help you expand your skill set—and earn recognition and rewards along the way.
• Entrepreneurial spirit is encouraged
• We value initiative. Whether it’s launching a tech blog, organizing events, building communities, or starting a sports team—Group-IB is a place where bold ideas are supported and celebrated. .

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Computer and Network Security and Security and Investigations

Referrals increase your chances of interviewing at Group-IB by 2x

Riyadh, Riyadh, Saudi Arabia 23 hours ago

Riyadh, Riyadh, Saudi Arabia 14 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.