20 Security Analysis jobs in Saudi Arabia

Determine who requires access to which information, and then plan, coordinate and implement information security programs. Responsible for Cybersecurity practice and governance in the organization. Defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. Establish and implement frameworks and related processes for continual adherence to YASREF's internal and external mandates. Responsible for implementing and auditing the controls needed to protect both company's information as well as third party information from data

breaches and cyber-attacks.

Main Responsibilities:
1.
Provide the required support for Operational Technology (OT) cybersecurity systems, Process Control Systems, Electrical Automation Systems, network, and its operation.

1. Install, configure, maintain, troubleshoot, and administer YASREFs cybersecurity solution for the automation systems.

3. Perform Periodic review of network security procedure.

4. Determine who requires access to which information, and then plan, coordinate and implement information security programs.

5. Monitor and advice on information security issues to ensure the internal Cybersecurity controls for the YASREF is adequately maintained and operating as intended.

6. Participate and publish Cybersecurity policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.

7. Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.

8. Coordinate and execute OT Cybersecurity projects for YASREF.

9. Alert top management and Information Technology department to response to Cybersecurity incidents.

10. Participate in risk assessment process for new projects as well as major changes to existing Infrastructure/Applications.

11. Participate in conducting organization wide data classification assessment and security audits.

12. Participate in creating cryptographic protocols to encrypt emails, files, and other critical data.

13. Participate in development of incident response plans, annual OT risk assessments and associated risk mitigation and avoidance functions.

14. Document Cybersecurity incidents and emergency measures taken, procedures and tests conducted.

15. Collaborate with government, IT department, legal department to report and comply with safety and security regulations. Implement policies as mandated by law enforcement agencies to manage security vulnerabilities.

16. Create, manage and maintain user security awareness among all computer users.

17. Participate in YASREF's efforts to comply with ISO 27001 Information security management certification standards.

18. Participate in Cybersecurity research and keep abreast of latest security issues. Actively participate in the higher education of Cybersecurity.

19. Create and edit cybersecurity-related documentation. Also write technical specification to assess the application of security safeguards against vulnerabilities.

20. Perform other job-related duties as assigned by the direct supervisor.

Minimum Requirements:
Education Requirements:
Bachelor's degree in computer science, IT, Computer Engineering or equivalent.

Years of Work experience:
Five (05) years of relevant experience.

Certification/License (Optional)
: Cybersecurity certification

Job Description Summary

The Senior Cybersecurity Analyst is responsible for implementing and maintaining the organization's cybersecurity framework, utilizing their working knowledge in many of the relevant technologies and processes to protect sensitive data and guard against any malicious disruption of business continuity at JHAH.

Minimum Education Required

Bachelor's Degree in the field of Information Technology or in a relevant field

Professional Certifications Required

Sample of preferred certifications: .-Certified Information Systems Security Professional (CISSP) .-CompTIA Security+ .-Certified Information Security Manager (CISM) .-GSEC: GIAC Security Essentials Certification .-Project Management Professional (PMP) .-IT Infrastructure Library (ITIL)

Years of Experience

Minimum 6 years of experience in relevant field.

Operational Roles & Responsibilities

• Implement configure maintain support and monitor the organizations IT cybersecurity infrastructure including firewalls antivirus encryption protocols intrusion detection systems access management systems network monitoring solutions security operations center systems and other cybersecurity resources to ensure they are reliable stable scalable secure and perform optimally.
• Manage the organizations cybersecurity governance risk management and compliance programs and enforce adherence to established controls policies procedures standards regulations frameworks and incident response plans through regular assessments drills and training and awareness campaigns.
• Detect and respond to cybersecurity incidents intrusions breaches threats and vulnerabilities in compliance with relevant policies and procedures.
• Ensure that cybersecurity infrastructure complies with relevant best practices regulatory requirements enterprise architecture standards governance programs and cybersecurity policies.
• Manage engagements with contracted vendors for cybersecurity support managed services or professional services to ensure that service delivery meets the targeted scope time cost and quality constraints.
• Fulfill cybersecurity related service requests in compliance with the organizations relevant policies and procedures.
• Evaluate and process the cybersecurity aspects of IT demand requests and support fulfillment of those that are approved in compliance with relevant policies and procedures and by following the organizations IT project management framework.

Khobar, Saudi Arabia | Posted on 09/25/2025

Be Part of a Legacy Bigger Than the Game

At Al-Qadsiah Club we create more than teams! We’re crafting a legacy that goes beyond the game, making an impact both on and off the field. Driven by ambition, synergy, and innovation, we aim to inspire generations while shaping the future of Saudi sports.

This is more than just a job! It’s an opportunity to be part of something larger than yourself. At Al-Qadsiah, you’ll play a key role in shaping our legacy, contributing to the nation’s sports vision, and making history every step of the way.

• Monitor and analyze network and system activities using SIEM and NDR tools.
• Manage endpoint security across devices with EDR solutions.
• Fine-tune security alerts to minimize false positives and improve detection efficiency.
• Analyze cyber threats and attacks; block malicious IPs and Indicators of Compromise (IOCs).
• Conduct malware analysis and prevent the execution of malicious files.
• Detect and mitigate service attacks such as DoS and brute force attempts.
• Enforce application control policies to restrict unauthorized software.
• Develop and execute incident response playbooks to quickly address security incidents.
• Ensure the club’s IT environment complies with regulatory frameworks, including NIC Hassen.
• Prepare and present executive-level security reports highlighting risks and mitigation efforts.
• Lead security awareness programs to educate club staff and athletes on cybersecurity best practices.
• Continuously improve and enhance monitoring and detection systems.

• Education: Bachelor’s degree in Cybersecurity, IT, or a related field, or equivalent practical experience.
• Experience: Minimum 3 years of experience in cybersecurity operations or SOC analysis.
• Skills: Hands-on experience with SIEM, EDR, and NDR platforms.
• Strong understanding of malware analysis and cyber threat mitigation.
• Familiarity with compliance and regulatory requirements, especially NIC Hassen.
• Excellent analytical, communication, and problem-solving skills.
• Preferred certifications: CompTIA Security+, CEH, GCIH, CISSP, or similar.
• Knowledge of scripting and automation is a plus.

• Be Part of the Legacy: Join a club that’s redefining the future of Saudi sports, striving to lead the competition and set new standards of excellence.
• Experience the Culture: Thrive in an environment that values quality, accountability, diversity, synergy, innovation, and ambition, while embracing harmony. This is the Qadsiah Way.

Help AG is looking for a talented and enthusiastic Cybersecurity Defense Analyst to join our Cybersecurity Operations Center (CSOC) team as part of our Managed Security Services (MSS) business unit. If you have strong knowledge and interest in Cybersecurity, this position might be the right one for you. The Senior Cybersecurity Defense Analyst will be responsible for monitoring multiple client environments, guiding, leading other Security Analysts, and conducting forensic analysis and threat hunting to detect and identify Cybersecurity incidents/breaches. The candidate is also expected to be up to date with Cybersecurity intelligence and threat landscape.

• Monitor multiple security technologies, such as IDS/IPS, Firewalls, Switches, VPNs, and other security threat data sources.
• Correlate and analyze events using SIEM tools to detect security incidents.
• Create, follow and present detailed operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, investigate, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedure.
• Maintain a high degree of awareness of current threat landscape and cybersecurity intelligence.
• Spread the cybersecurity intelligence across the team of analysts and engage in threat hunting activities.
• Lead delivery, and support others in the delivery, of knowledge sharing with analysts and writing technical articles for Internal knowledge bases, blog posts and reports as requested.
• Perform other essential duties as assigned.
• Analysis of log files, includes forensic analysis of system resource access.
• Create, follow and present customer reports to ensure quality, accuracy, and value to clients.
• Creation of new content (Use Cases, Queries, Reports) within the SIEM platform.
• Education and training of other analysts in use and operation of SIEM platform.
• On-site work with clients as required.
• Engage with client Incident Response team as required.
• Generate cybersecurity Threat Intelligence reports.

• Saudi National will be preferrable.
• Bachelor’s or master’s degree in Cybersecurity, Computer Science, Information Systems, Electrical Engineering, or a closely related degree.
• An active interest and passion in cybersecurity, incident detection, network, and systems security.
• 1 - 5 years of experience in cybersecurity, in areas such as security operations, intrusion detection, incident analysis, incident handling, log analysis, threat intelligence/hunting or digital forensics.
• A sound knowledge of IT security best practices, common attack types and detection / prevention methods.
• Demonstrable experience of analyzing and interpreting system, security, and application logs. Knowledge of the type of events that both Firewalls, IDS/IPS and other security related devices produce.
• Experience in using Splunk as an analyst for Threat and Incident Detection is required.
• Experience with ArcSight, LogRhythm, QRadar, is preferable but not mandatory.
• Strong understanding of Cyber Kill Chain and MITRE ATT&CK frameworks and techniques.
• Solid understanding of TCP/IP and network concepts and principles.
• Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS.
• Professional certificates are highly preferred (e.g., CCIE, OSCP, CISSP, GSEC, GCIA, GCIH, GMON, GREM, GDAT, GCFE, etc.).
• An experienced Analyst who aspires to be a leader and is committed to learning the principles of leadership and the role of a leader.
• Outstanding organizational skills.
• Exclusive focus and vast experience in IT.
• Very good communication skills.
• Strong analytical and problem-solving skills.
• A motivated, self-managed, individual who can demonstrate exceptional analytical skills and work professionally with peers and customers even under pressure.
• Strong written and verbal skills.
• Strong interpersonal skills with the ability to collaborate well with others.
• Ability to speak and write in English is required; Ability to speak and write in both English and Arabic is preferred.
• Well-versed in developing content for SIEM (creating, fine tuning) use cases and rules.
• Experience with automation tools (SOAR) is preferred.
• Experience in Malware Analysis / Reverse Engineering is preferred.

• Health insurance with one of the leading global providers for medical insurance.
• Career progression and growth through challenging projects and work.
• Employee engagement activities throughout the year.
• Tailored training & development program.

Help AG is the cyber security arm of e& enterprise and provides leading enterprise businesses across the Middle East with strategic consultancy combined with tailored information security solutions and services that address their diverse requirements, enabling them to evolve securely with a competitive edge.

Present in the Middle East since 2004, Help AG was strategically acquired by Etisalat group in Feb 2020, hence creating a cyber security and digital transformation powerhouse in the region.

Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendoragnostic, trustworthy, independent, and cyber security focused. With best-of-breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.

Role title : War Room Analyst

Location : Riyadh, Saudi Arabia

Key Responsibilities

• Assist with the submission and removal of IP addresses for blocking, following established protocols.
• Help monitor and keep records of blocked IPs in mobile applications, ensuring proper documentation.
• Use the Cloudflare IP tracker and support data entry in Grafana by:
• Recording IP blocking activities.
• Keeping logs updated for traceability.
• Perform basic checks on blocking results and sharing data to support effective analysis.
• Provide support in communications with network operators during incidents or irregularities.
• Carry out manual verification tasks, such as:
• Checking active blocks across operators.
• Testing accessibility using mobile devices.
• Assist in sandbox-based analysis by:
• Flagging suspicious IPs.
• Submitting IPs for blocking requests.
• Running simple behavioral tests on apps in mobile devices.
• Help document and report on service disruptions or potential issues in P2P streams.
• Regularly verify probe status to confirm availability and performance.
• Contribute to drafting incident reports with both data and observations.
• Monitor social listening alerts and escalate issues when required.

Qualifications and Skills

• Bachelor's degree in computer science, Computer Engineering, or a related field.
• Proficiency in English (Native).
• Proficiency in Arabic (Native).
• Strong knowledge of network operations, IP management, and cybersecurity practices.
• Hands-on experience with Cloudflare, Grafana, and sandboxing tools.
• Familiarity with mobile applications and P2P streaming environments.
• Excellent organizational and coordination abilities.
• Strong analytical and problem-solving skills.
• Ability to work effectively under pressure and in fast-paced environments.
• Willing to work flexible schedules, including evenings, nights, and weekends.

Cybersecurity Defense Analyst

Department:
CISO

Job Purpose

A Cybersecurity Defense Analyst monitors, detects, and responds to cyber threats to protect an organization's IT infrastructure. Responsibilities include analyzing security events, investigating incidents, implementing and upgrading security measures (firewalls, SIEM, vulnerability assessments), and developing incident response strategies. The role requires staying updated on emerging threats, collaborating with IT teams, and delivering reports and training to maintain network security and data integrity.

Core Responsibilities

• Ensure 24/7/365 security monitoring is performed.
• Escalate validated/confirmed incidents to the incident response team.
• Notify stakeholders of incidents and required mitigation steps.
• Fine-tune SIEM rules to reduce false positives/negatives.
• Collect and analyze global and internal threat intelligence, recommending preventive actions.
• Proactively research and monitor security information to detect potential threats.
• Develop/distribute alerts and reports with corrective actions.
• Learn new attack patterns and actively participate in security forums.
• Collaborate with Vulnerability Assessment Lead and incident response teams.
• Track and update incidents/requests based on client updates and analysis.
• Correlate incident data to identify vulnerabilities.
• Document and escalate incidents causing immediate or ongoing impact.
• Correlate information from multiple sources to contextualize observed threats.
• Analyze network alerts from multiple sources to determine causes.
• Provide timely detection, identification, and alerting of possible attacks, anomalies, or misuse activities.
• Report suspected cyber incidents according to organizational procedures.

Qualifications

Education:

• Bachelor's degree in Cybersecurity, Information Technology, or related field.

Experience:

• 2–0 years of experience.

Knowledge/Exposure:

• Familiarity with risk management frameworks (ISO 27001, NIST, COBIT, GDPR, SOX).
• Experience with GRC tools (e.g., ServiceNow, Archer) is a plus.

Skills:

• Strong ability to analyze complex data, identify anomalies, and correlate events to understand threat contexts.
• Ability to assess risks, evaluate vulnerabilities, and develop effective strategies to mitigate threats.

Be Part of a Legacy Bigger Than the Game

At
Al-Qadsiah Club
we create more than teams We're crafting a legacy that goes beyond the game, making an impact both on and off the field. Driven by ambition, synergy, and innovation, we aim to inspire generations. while shaping the future of Saudi sports.

This is more than just a job It's an opportunity to be part of something larger than yourself. At Al-Qadsiah, you'll play a key role in shaping our legacy, contributing to the nation's sports vision, and making history every step of the way.

Overview:

We are looking for a proactive and detail-oriented Cybersecurity Systems Analyst to join our IT security team. You will be responsible for monitoring, analyzing, and protecting the club's network and systems against cyber threats. Your role will be critical in defending our infrastructure and ensuring compliance with regulatory requirements like NIC Hassen.

Key Responsibilities:

•Monitor and analyze network and system activities using SIEM and NDR tools.

•Manage endpoint security across devices with EDR solutions.

•Fine-tune security alerts to minimize false positives and improve detection efficiency.

•Analyze cyber threats and attacks; block malicious IPs and Indicators of Compromise (IOCs).

•Conduct malware analysis and prevent the execution of malicious files.

•Detect and mitigate service attacks such as DoS and brute force attempts.

•Enforce application control policies to restrict unauthorized software.

•Develop and execute incident response playbooks to quickly address security incidents.

•Ensure the club's IT environment complies with regulatory frameworks, including NIC Hassen.

•Prepare and present executive-level security reports highlighting risks and mitigation efforts.

•Lead security awareness programs to educate club staff and athletes on cybersecurity best practices.

•Continuously improve and enhance monitoring and detection systems.

Requirements

Qualifications:

Education:

•Bachelor's degree in Cybersecurity, IT, or a related field, or equivalent practical experience.

Experience:

•Minimum 3 years of experience in cybersecurity operations or SOC analysis.

Skills:

•Hands-on experience with SIEM, EDR, and NDR platforms.

• Strong understanding of malware analysis and cyber threat mitigation.

•Familiarity with compliance and regulatory requirements, especially NIC Hassen.

•Excellent analytical, communication, and problem-solving skills.

•Preferred certifications: CompTIA Security+, CEH, GCIH, CISSP, or similar.

•Knowledge of scripting and automation is a plus.

Benefits

Why Join Al-Qadsiah?

• Be Part of the Legacy:
  Join a club that's redefining the future of Saudi sports, striving to lead the competition and set new standards of excellence.
• Experience the Culture:
  Thrive in an environment that values
  quality, accountability, diversity, synergy, innovation, and ambition, while embracing harmony
  . This is the Qadsiah Way.

By contacting us you agree with the storage and handling of your data by this website.

Location

Jeddah

Experience
5+ years

Send Your CV To

Job Description
Job Title: Security Analyst - L3

Experience: 5+ years

Location: Jeddah

Key Responsibility Areas – Security Analyst - L3 – SOC

• Security Incident Leadership: Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.
• Operational Oversight: Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.
• Technical Expertise: Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.
• Threat Detection and Hunting: Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.
• Process & Playbook Management: Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.
• Customer Engagement: Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.
• Collaboration and Mentorship: Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.
• Continuous Improvement: Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.
• Documentation and Reporting: Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Apply Now

Location

Jeddah

Experience
5+ years

Send Your CV To