61 Security Advisor jobs in Saudi Arabia

Aramco occupies a unique position in the global energy industry. We are the world's largest producer of hydrocarbons (oil and gas), with the lowest upstream carbon intensity of any major producer.

With our significant investment in technology and infrastructure, we strive to maximize the value of the energy we produce for the world along with a commitment to enhance Aramco’s value to society.

Headquartered in the Kingdom of Saudi Arabia, and with offices around the world, we combine market discipline with a generations’ spanning view of the future, born of our nine decades experience as responsible stewards of the Kingdom’s vast hydrocarbon resources. This responsibility has driven us to deliver significant societal and economic benefits to not just the Kingdom, but also to a vast number of communities, economies, and countries that rely on the vital and reliable energy that we supply.

We are one of the most profitable companies in the world, as well as amongst the top five global companies by market capitalization.

We are seeking Security Advisors to join Industrial Security Operations/Area Departments.

Industrial Security Operations (ISO) plays an essential role in protecting people and assets of Aramco through a comprehensive approach that includes securing company facilities, conducting security risk assessments, managing access control, and responding to incidents. Its scope also includes advance areas such as security engineering and projects execution, deploying security technology solutions, ensuring security systems maintenance, and fostering professional growth through the security academy for training. Additionally, ISO oversees critical functions like security patrols, traffic control, ID and visitor management, and leveraging specialized resources like K9 units. With a vision to make Aramco the most secure place to live and work, ISO integrates proactive measures, vigilance, and technology to create an agile and resilient work environment.

Your primary role is to assist in coordinating security risk management activities across the organization, ensuring consistency and effectiveness in risk assessment and mitigation efforts. Conduct special and advance security related technical activities, such as security surveys, threat analysis, risk assessment and management, facilities classifications, traffic analysis, security related government requests, security compliance, projects coordination, port facilities security compliance support, emergency center assessment program, ISO standards review, security consultation, and various security investigations.

As the successful candidate, you will be required to perform the following:

• Conduct regular security surveys and risk assessments to evaluate the effectiveness of security programs, identify areas for improvement, and reduce risk.
• Provide recommendations and oversee enhancements to improve the organization's security posture, compliance, and operational efficiency.
• Analyze data from incidents, audits, and reviews to measure impacts, ensure continuous improvement, and provide detailed reports to management.
• Develop and maintain security policies, procedures, and standards in alignment with regulatory and organizational requirements.
• Coordinate and support incident response activities, ensuring timely resolution and thorough investigation of security events.
• Collaborate closely with internal and external stakeholders, including government agencies, to align risk management practices and ensure effective communication.
• Lead security related projects and initiatives, including compliance checks, security classifications, and audits, ensuring timely and effective implementation.
• Update the organizational risk register, monitor emerging threats, and implement action plans to mitigate potential security risk effectively.
• Maintain, review, and enhance security systems and surveillance equipment to ensure operational effectiveness.
• Promote a culture of continuous improvement and knowledge sharing through mentoring junior staff.
• As the successful candidate you will hold a bachelor’s degree in either Security Management, Risk Management, Engineering, Business Management, Law Enforcement/Criminology, Public Affairs and Services, or Safety Management from a recognized and approved program or equivalent. Advanced degree is preferred.
• Minimum of 7+ years’ experience in security management activities.
• 5 years’ experience in security risk assessments and methodologies.
• Certified Protection Professional (CPP) or equivalent.
• Demonstrated knowledge of CPTED (Crime Prevention Through Environmental Design).
• Demonstrated knowledge or experience in the petrochemical industry.
• Strong knowledge of physical security systems, technologies, and protocols.
• Experience with security forces and patrolling.
• Experience with emergency response procedures and business continuity processes and procedures.
• Basic statistics analysis and trending experience.
• Working knowledge in MS Office Suite (Excel, Word, PowerPoint, Access).

Working environment

Our high-performing employees are drawn by the challenging and rewarding professional, technical and industrial opportunities we offer, and are remunerated accordingly.

At Aramco, our people work on truly world-scale projects, supported by investment in capital and technology that is second to none. And because, as a global energy company, we are faced with addressing some of the world’s biggest technical, logistical and environmental challenges, we invest heavily in talent development.

We have a proud history of educating and training our workforce over many decades. Employees at all levels are encouraged to improve their sector-specific knowledge and competencies through our workforce development programs – one of the largest in the world.

The candidate is responsible for establishing, implementing, monitoring, reviewing, and improving all suitable sets of controls for the prevention of threats to the security of client applications & information assets, ensuring the business objectives of the organization. Should rigorously test, scan, audit & re-test all scopes as per all international security standards like OWASP, SANS & others.

Responsibilities and Scope:

• 5+ years of experience in web application and mobile application security, Network & Cloud Infrastructure Security, Vulnerability Assessment & Penetration Testing.
• Exploit security flaws & vulnerabilities with attack simulations on multiple applications in the Android and IOS platforms.
• Provide remediation guidance to identified vulnerabilities.
• Manual and automated security testing of Web applications, APIs, and mobile Apps.
• Use automated & manual code review techniques to identify application security vulnerabilities.
• Identify complex vulnerabilities such as business logic flaws and articulate to both technical and non-technical partners.
• Document & report vulnerabilities and work on periodic vulnerability mitigations, patching.
• Analyze application security policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material.
• Develop & maintain security testing plans and automate penetration and other security testing on the applications, systems, networks, and data layers.
• Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make decisions based on potential security threats & risks.
• Produce actionable, threat-based reports on security testing results.
• Build and maintain relationships with key stakeholders and security partners.

Must-Have:

• Team player with good interpersonal skills, able to work independently with minimum supervision in a complex Infrastructure environment.
• Certifications: OSCP, OSWE or any other security certifications.
• Self-driven, self-managed technical team leader.
• Ability to clearly communicate needs and requirements and influence stakeholders with minimal supervision.
• Ability to accurately estimate effort, set and meet periodic delivery deadlines.
• Experience in research and development in Red Team Exercises, Threat Hunting, OSINT, Threat Modelling & building security tools is a plus.
• Good understanding of DevSecOps, security architecture review and network security assessments is an added advantage.
• Hands-on experience with technology to contribute to the design, development, and support of projects with security recommendations.

Nice to Have:

• Good problem-solving skills, communication and documentation skills.
• Ability to anticipate needs and provide creative input that ensures the success of the broader team.
• Proficient in reading modern programming languages with the ability to quickly learn to read and interpret scripts written by others.
• Ability to lead & drive multiple projects simultaneously.

No of Positions: 4

Note: The candidate would be expected to work in diverse consulting engagements and be willing to travel to Middle East countries for project execution at least 50% of their time.

Preference to candidates who can join immediately or within 15 days at the max.

Employment Type: Full-time

• Information Technology & Services

Full-time

The candidate is responsible for establishing, implementing, monitoring, reviewing, and improving all suitable sets of controls for the prevention of threats to the security of client applications & information assets, ensuring the business objectives of the organization. Should rigorously test, scan, audit & re-test all scopes as per all international security standards like OWASP, SANS & others.

Responsibilities and Scope:

• 5+ years of experience in web application and mobile application security, Network & Cloud Infrastructure Security, Vulnerability Assessment & Penetration Testing.
• Exploit security flaws & vulnerabilities with attack simulations on multiple applications in the Android and IOS platforms.
• Provide remediation guidance to identified vulnerabilities.
• Manual and automated security testing of Web applications, APIs, and mobile Apps.
• Use automated & manual code review techniques to identify application security vulnerabilities.
• Identify complex vulnerabilities such as business logic flaws and articulate to both technical and non-technical partners.
• Document & report vulnerabilities and work on periodic vulnerability mitigations, patching.
• Analyze application security policies for effectiveness, make suggestions on security policy improvements, and work to enhance methodology material.
• Develop & maintain security testing plans and automate penetration and other security testing on the applications, systems, networks, and data layers.
• Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make decisions based on potential security threats & risks.
• Produce actionable, threat-based reports on security testing results.
• Build and maintain relationships with key stakeholders and security partners.

Must-Have:

• Team player with good interpersonal skills, able to work independently with minimum supervision in a complex Infrastructure environment.
• Certifications: OSCP, OSWE or any other security certifications.
• Self-driven, self-managed technical team leader.
• Ability to clearly communicate needs and requirements and influence stakeholders with minimal supervision.
• Ability to accurately estimate effort, set and meet periodic delivery deadlines.
• Experience in research and development in Red Team Exercises, Threat Hunting, OSINT, Threat Modelling & building security tools is a plus.
• Good understanding of DevSecOps, security architecture review and network security assessments is an added advantage.
• Hands-on experience with technology to contribute to the design, development, and support of projects with security recommendations.

Nice to Have:

• Good problem-solving skills, communication and documentation skills.
• Ability to anticipate needs and provide creative input that ensures the success of the broader team.
• Proficient in reading modern programming languages with the ability to quickly learn to read and interpret scripts written by others.
• Ability to lead & drive multiple projects simultaneously.

No of Positions: 4

Note: The candidate would be expected to work in diverse consulting engagements and be willing to travel to Middle East countries for project execution at least 50% of their time.

Preference to candidates who can join immediately or within 15 days at the max.

Employment Type: Full-time

• Information Technology & Services

Full-time

Qualifications:
Degree in Engineering / Information Technology or related, CISSP, CISM, CISA, GIAC – Audit / Lead Auditor, CFE

Experience:
- 6 years of Security experience and exposure to most current Security standards and operations
- At least 3 years in consulting, auditing and optimizing Security for medium & large Corporates
- Expertise in Large Security infrastructure Design & Rollout
- Experience in Security Audits & Risk Assessments services
- Expertise in BCP field and/or Forensic Services

- Good knowledge of Financial / Telecom / Government operations
- Multiple Operating Systems knowledge
- Scripting and programming knowledge
- Security Tools development, collection and usage
- Very Good Pre-Sales skillset
- Good Consultancy skillset

We are seeking an experienced IT Security Consultant to join our growing team in Saudi Arabia. In this role, you will play a critical part in safeguarding digital infrastructure by identifying vulnerabilities, developing secure systems, and implementing robust cybersecurity protocols. The ideal candidate will bring expertise in IT security and a strategic mindset to advise, monitor, and protect clients’ digital environments effectively.

Assess and analyze existing IT infrastructure to identify potential security vulnerabilities.
Develop, implement, and maintain comprehensive security strategies, protocols, and policies.
Conduct security audits, risk assessments, and compliance evaluations.
Monitor networks and systems for security breaches, incidents, and unusual activity.
Advise clients on best practices for data protection, access controls, and risk management.
Respond to security breaches promptly and lead incident response efforts.
Train staff and stakeholders on IT security awareness and preventive measures.
Stay updated with the latest cybersecurity trends, tools, and compliance standards.

Provide strategic IT security advisory
Oversee IT security operations teams
The consultant should possess working knowledge on the following technologies and domains:
Microsoft Security Solutions, including Microsoft Defender suite
Palo Alto Networks Firewall
Cisco ISE with Forescout NAC
Cisco Umbrella (DNS Security)
Endpoint Protection, Antivirus (AV), Data Loss Prevention (DLP), and Cloud Security

AMBUS Solutions is a dynamic and forward-thinking Human Resources firm dedicated to delivering smart workforce solutions across diverse sectors. Our mission is to empower businesses with skilled talent and technology-driven services that foster growth, innovation, and operational excellence. With a commitment to integrity, performance, and client satisfaction, we continually strive to create impactful human capital solutions across the Gulf region and beyond.

Degree in Engineering / Information Technology or related field, CISSP certification.

1. Design Security Architecture for Enterprises.
2. Develop Security Policies and Procedures.
3. Provide Security Audit, Architecting & Consultancy services to large enterprises.
4. Assess existing infrastructure and assist clients in meeting governmental, legal, and standards compliance & certification requirements.
5. Study global trends in the security field and recommend new solutions and services.
6. Support pre-sales activities for marketing and sales teams.
7. Liaise with partner tech teams.
8. Ensure proper documentation for all projects and incidents.
9. Audit companies/institutions for international best practices certification.
10. Develop new security services and solutions.

• Experience in security architecture, auditing, and solution development.
• Strong understanding of compliance standards and certifications.
• Excellent communication and documentation skills.
• Location: Rawalpindi, Pakistan.

- 8 years of Security experience and exposure to most current Security standards and operations
- At least 3 years in consulting, auditing and optimizing Security for medium & large Enterprises

CERTIFICATIONS:
- CISSP
- CISM
- CISA
- GIAC - Audit
- CFE

- Design Security Architecture for Enterprises
- Develop Security Policies and Procedures for Enterprises
- Audit companies/institutions for international Best Practices certification
- Develop new Security Services & Solutions
- Provide Security Audit, Architecting & Consultancy services to Large Enterprises
- Assess existing Infrastructure and assist Clients to meet Governmental, Legal and Standards Compliance & Certification
- Study the Global Trend in Security field and recommend new solutions and Services
- Pre-Sales support to Marketing and Sales team
- Liaise with Partners Tech Teams
- Ensure proper Documentation for all Projects & Incidents

Information Technology and Services - Rawalpindi, Pakistan

We are seeking an experienced IT Security Consultant to join our growing team in Saudi Arabia. In this role, you will play a critical part in safeguarding digital infrastructure by identifying vulnerabilities, developing secure systems, and implementing robust cybersecurity protocols. The ideal candidate will bring expertise in IT security and a strategic mindset to advise, monitor, and protect clients’ digital environments effectively.

Assess and analyze existing IT infrastructure to identify potential security vulnerabilities.
Develop, implement, and maintain comprehensive security strategies, protocols, and policies.
Conduct security audits, risk assessments, and compliance evaluations.
Monitor networks and systems for security breaches, incidents, and unusual activity.
Advise clients on best practices for data protection, access controls, and risk management.
Respond to security breaches promptly and lead incident response efforts.
Train staff and stakeholders on IT security awareness and preventive measures.
Stay updated with the latest cybersecurity trends, tools, and compliance standards.

Provide strategic IT security advisory
Oversee IT security operations teams
The consultant should possess working knowledge on the following technologies and domains:
Microsoft Security Solutions, including Microsoft Defender suite
Palo Alto Networks Firewall
Cisco ISE with Forescout NAC
Cisco Umbrella (DNS Security)
Endpoint Protection, Antivirus (AV), Data Loss Prevention (DLP), and Cloud Security

AMBUS Solutions is a dynamic and forward-thinking Human Resources firm dedicated to delivering smart workforce solutions across diverse sectors. Our mission is to empower businesses with skilled talent and technology-driven services that foster growth, innovation, and operational excellence. With a commitment to integrity, performance, and client satisfaction, we continually strive to create impactful human capital solutions across the Gulf region and beyond.

” The Job Description”

1. Design, implement, and maintain information security solutions and policies.
2. Monitor and protect networks, systems, and applications from cyber threats.
3. Manage and maintain F5 Load Balancers, including configuration, troubleshooting, and optimization.
4. Administer Privileged Access Management (PAM) and Identity & Access Management (IAM) tools to ensure secure access control.
5. Implement and manage Network Access Control (NAC) solutions, particularly Cisco ISE.
6. Oversee Mobile Device Management (MDM) policies to secure mobile endpoints.
7. Deploy and monitor Endpoint Detection and Response (EDR) tools for threat detection and incident response.
8. Ensure compliance with NCA cybersecurity regulations and requirements.
9. Conduct regular security assessments, audits, and risk evaluations.
10. Collaborate with IT and business teams to respond to security incidents and develop mitigation strategies.
11. Maintain up-to-date documentation of security processes, systems, and incident reports.
    Requirements:
    

• Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or a related field.
• 3+ years of experience in an information security role.
• Strong knowledge of network security principles and practices.
• Hands-on experience with:
  – F5 Load Balancers.
  – PAM/IAM solutions (e.g., CyberArk, Azure AD, Okta).
  – NAC (Cisco ISE) systems.
  – MDM platforms (e.g., Intune, MobileIron).
  – EDR tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
  – Familiarity with NCA (National Cybersecurity Authority) guidelines and compliance requirements.
• Saudi national (this role is open to Saudi citizens only).

Tagged as: EDR , F5 , IAM , ISE , MDM , NAC , NCA , PAM