19 Security Analysts jobs in Riyadh

” The Job Description”

1. Design, implement, and maintain information security solutions and policies.
2. Monitor and protect networks, systems, and applications from cyber threats.
3. Manage and maintain F5 Load Balancers, including configuration, troubleshooting, and optimization.
4. Administer Privileged Access Management (PAM) and Identity & Access Management (IAM) tools to ensure secure access control.
5. Implement and manage Network Access Control (NAC) solutions, particularly Cisco ISE.
6. Oversee Mobile Device Management (MDM) policies to secure mobile endpoints.
7. Deploy and monitor Endpoint Detection and Response (EDR) tools for threat detection and incident response.
8. Ensure compliance with NCA cybersecurity regulations and requirements.
9. Conduct regular security assessments, audits, and risk evaluations.
10. Collaborate with IT and business teams to respond to security incidents and develop mitigation strategies.
11. Maintain up-to-date documentation of security processes, systems, and incident reports.
    Requirements:
    

• Bachelor’s degree in Information Security, Computer Science, Cybersecurity, or a related field.
• 3+ years of experience in an information security role.
• Strong knowledge of network security principles and practices.
• Hands-on experience with:
  – F5 Load Balancers.
  – PAM/IAM solutions (e.g., CyberArk, Azure AD, Okta).
  – NAC (Cisco ISE) systems.
  – MDM platforms (e.g., Intune, MobileIron).
  – EDR tools (e.g., CrowdStrike, SentinelOne, Microsoft Defender).
  – Familiarity with NCA (National Cybersecurity Authority) guidelines and compliance requirements.
• Saudi national (this role is open to Saudi citizens only).

Tagged as: EDR , F5 , IAM , ISE , MDM , NAC , NCA , PAM

GRC Specialist's job is to participate in information security Governance, Risk Management, and Compliance Engagements within Jafeer and for Jafeer Customers.

• Participate in various IT Risk Management & Business continuity initiatives.


• Ensuring that requirements in IT Audit, Standard, Policy, Compliance and Risk controls are met.


• Ensure external auditors have the access and information they need to complete their audit successfully.


• Conduct interviews and process walkthroughs with select personnel and document and assess business processes and information systems to determine the adequacy of the control environment.


• Demonstrate well IT auditing based on industry best practices and regulations.

What we are looking for : the Head of Information Security will be responsible for leading Nayla’s information security strategy, ensuring compliance with regulatory requirements (SAMA, NCA, ISO), and protecting our platforms, infrastructure, and customer data from threats. This role is critical in enabling secure growth and building a resilient fintech environment. Only Saudi Nationality

Responsibilities:

• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program.
• Work directly with the business units to facilitate risk assessment and risk management processes
• Develop and enhance an information security management framework
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
• Provide leadership to the enterprise's information security organization
• Partner with business stakeholders across the company to raise awareness of risk management concerns
• Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
• Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
• Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the Nayla information and technology systems. Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
• Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and regulation are met (SAMA, NCA).
• Achieve L3 Maturity in SAMA CSF Framework and maintain that level at a minimum all times.

Qualifications :

1.Minimum Qualifications :

• Information Security, Computer science/engineering, management information systems (MIS), or a related technical degree
• Minimum of 5 years of experience in related information security fields.

3.Job-Specific Skills

• Extensive knowledge or risk management concepts

• Deep technical understanding of security threats, vulnerabilities and controls.

• Experience in conducting risk-based information security audits

• In-depth knowledge of information security management, practice, and understanding of privacy and security regulations, i.e., COBIT, NIST, NERC, ISA 99, IEC 61850, SAMA, NCA and ISO.

• In-depth knowledge of information security GRC (governance, risk, compliance) methodologies, tools, and enablers.

• Advanced experience with Governance, Risk and Compliance platforms.

• knowledge of ISO 27001:2013

• Certification such as CISSP, CISM, CISA, CRISK, and SABSA.

• Seniority level Director

• Employment type Full-time

• Job function Information Technology

Referrals increase your chances of interviewing at NAYLA نايلة by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Job Summary
We are looking for a highly skilled Senior Information Security Presales Engineer to join our team. This role requires a strong technical background with hands-on experience in cybersecurity and IT infrastructure. The ideal candidate will play a key role in engaging with clients, designing solutions, and supporting the sales process with technical expertise. The role is 70% technical (solution design, POC, implementation) and 30% presales (client meetings, proposal support, presentations).

• Design and architect cybersecurity solutions tailored to client requirements.
• Lead technical workshops, solution demos, and proof-of-concepts (PoCs).
• Evaluate and recommend appropriate technologies based on client needs.
• Collaborate with delivery and engineering teams to ensure solution feasibility and smooth handover.
• Deep knowledge and hands-on implementation experience with SIEM, SOAR, XDR/EDR, NDR, Threat Intelligence Platforms, PAM, IAM, Database encryption, SAST/DAST, Vulnerability management, DRM, and GRC.
• Stay up to date on emerging cybersecurity technologies, threats, and compliance frameworks.
• Create detailed technical documentation, solution designs, and both high-level and low-level designs.

• Support sales team in meetings with technical presentations and product walkthroughs.
• Respond to RFPs, RFQs, and technical questionnaires.
• Prepare solution proposals in collaboration with account managers and technical teams.
• Build and maintain relationships with clients and vendors.
• Present solutions to stakeholders, including technical and non-technical audiences.

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum 5–7 years of experience in cybersecurity and network engineering.
• Strong hands-on expertise in SIEM, SOAR, XDR/EDR, NDR, TIP, PAM, IAM, DRM, Database Encryption, SAST/DAST, Vulnerability management, and GRC tools.
• Excellent communication and presentation skills.
• Relevant certifications such as CISSP, CISM, CISA, CEH, CCSP, GIAC are preferred.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Analyst
• Industries: IT Services and IT Consulting

Get AI-powered advice on this job and more exclusive features.

We are seeking a seasoned and strategic Chief Information Security Officer (CISO) to lead our cybersecurity vision, strategy, and execution. This executive role is central to driving enterprise-wide security initiatives and safeguarding both internal and client-facing environments. The successful candidate must be a Saudi national with deep expertise in regulatory compliance, enterprise risk management, and operational cybersecurity, particularly in alignment with national frameworks such as SAMA , NCA , and CITC .

Key Responsibilities

• Develop and lead the organization's overall information security strategy
• Ensure full adherence to local cybersecurity regulations, including SAMA, NCA ECC/CCC, and CITC guidelines
• Oversee the planning, execution, and continuous improvement of incident response and threat detection capabilities
• Establish and maintain cybersecurity governance, risk policies, and awareness programs
• Provide strategic cybersecurity guidance to executive leadership and the board, including risk posture assessments and security investment planning
  
  

• Saudi nationality is mandatory, in line with national employment regulations
• Bachelor's degree in Cybersecurity, Information Technology, or a related field (Master's degree preferred)
• Minimum of 10 years' experience in cybersecurity, with at least 5 years in a senior leadership capacity
• Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent
• In-depth understanding of both local regulatory requirements and global standards (e.g., ISO 27001, NIST)
• Proven background in regulated industries such as finance, government, telecommunications, or critical infrastructure
• Strong leadership and team-building capabilities, with a track record of leading high-performing security teams
• Bilingual fluency in Arabic and English, with excellent communication and presentation skills
  
  

• Competitive salary and performance-based bonuses
• Professional development opportunities and certifications
• Flexible work schedule and semi-remote work options
• Collaborative and innovative work environment

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Obrela by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Saudi National - Senior Information Security Engineer (Level 3 SOC) Tabby Riyadh, Saudi Arabia Apply now Posted 16 days ago Permanent Competitive

Saudi National - Senior Information Security Engineer (Level 3 SOC)

Saudi National - Senior Information Security Engineer (Level 3 SOC)

Department: InfoSec Monitoring

Employment Type: Full Time

Location: KSA

Reporting To: Weam Munshi

Description

We're looking for an experienced and proactive Senior Information Security Engineer to serve as a senior member of our cybersecurity operations team. You'll lead complex investigations, shape our detection capabilities, and provide strategic input into incident response and threat management. As a technical authority in the SOC, you'll mentor junior analysts, collaborate across teams, and help drive continuous improvement in our security posture.

Key Responsibilities

Advanced Threat Detection & Monitoring

• Lead the analysis and triage of high-fidelity alerts and complex event correlations across firewalls, IDS/IPS, endpoints, servers, and cloud platforms.
• Identify and investigate sophisticated threats, advanced persistent threats (APTs), and anomalous behavior patterns.
• Continuously refine detection logic, SIEM rules, and alerting thresholds to optimize SOC effectiveness.
• Design and maintain operational dashboards and KPIs to track security trends and SOC performance.

• Act as the primary incident commander for major security incidents, coordinating technical response and stakeholder communication.
• Conduct root cause analysis, full-scope investigations, and forensic analysis using endpoint and network-based artifacts.
• Drive post-incident reviews and deliver actionable recommendations to reduce future risk.
• Oversee incident documentation quality and ensure consistency in reporting and knowledge transfer.

• Research and operationalize threat intelligence into custom detection rules, threat hunting queries, and playbooks.
• Develop and tune detection use cases aligned with MITRE ATT&CK and evolving threat actor techniques.
• Contribute to the development and enhancement of SOAR workflows and automation to improve SOC efficiency.

• Collaborate with infrastructure and DevOps teams to assess and prioritize vulnerabilities in context with threat intelligence.
• Support patch validation and track remediation efforts for critical exposures.
• Guide vulnerability lifecycle processes, ensuring risks are addressed in a timely and measurable way.

• Serve as a technical mentor and escalation point for Tier 1 and Tier 2 SOC analysts.
• Lead training initiatives and tabletop exercises to strengthen SOC readiness and maturity.
• Work closely with IT, Engineering, Compliance, and Risk teams to ensure alignment during investigations and threat mitigation efforts.
• Communicate clearly and effectively with stakeholders, including drafting concise executive summaries during major incidents.

• 3-5+ years of hands-on experience in a SOC or cybersecurity operations role, including incident handling and threat detection.
• Deep understanding of security operations, threat hunting, attack vectors, and cyber kill chains.
• Proven expertise in log analysis, endpoint telemetry, and cloud-native security tools (e.g., AWS CloudTrail, Azure Sentinel).
• Strong scripting experience (e.g., Python, PowerShell) for automation and detection engineering.
• Experience with SIEMs (e.g., Splunk, Elastic, Sentinel), SOAR platforms, EDR/XDR tools, and Threat Intelligence platforms.
• Familiarity with DevSecOps, APIs, microservices, and modern application architectures.
• Security certifications such as GCIA, GCIH, CySA+, or equivalent (preferred).
• Clear and confident communicator with the ability to lead during high-pressure situations and present findings to technical and non-technical audiences.

Boost your career Find thousands of job opportunities by signing up to eFinancialCareers today.

Work Week: Sunday - Thursday

Work Timings: 9 AM - 6 PM (Saudi Arabian Time Zone)

About Us:
Soum is on a mission to revolutionize e-commerce in the MENA region and beyond by building the most convenient and trustworthy re-commerce marketplace in the region. We're reshaping how C2C marketplaces operate, making buying and selling second-hand products seamless and reliable. Since our launch in July 2021, Soum has become one of the fastest-growing startups in the region, achieving rapid expansion in both our team and product offerings. In recognition of our impact and growth, we were proudly named one of the Top 10 LinkedIn Startups in Saudi Arabia for 2024.

Job Summary:
We are looking for a virtual cybersecurity or compliance expert to guide our security posture, particularly as we move into regulated spaces like auto-financing. The role is ideal for someone with extensive regulatory familiarity and previous experience operating in a strategic advisory capacity.

Key Responsibilities

• Lead compliance audits aligned with KSA regulations, especially SAMA frameworks
• Review and implement data security strategies across departments
• Support regulatory submissions and responses for fintech operations
• Oversee documentation and data protection practices
• Coordinate with product and legal teams to maintain standards
  
  
  
  
  

• Saudi national 6+ years experience
• Deep understanding of SAMA regulatory requirements and KSA cybersecurity law
• Prior role as vCISO or senior security/compliance consultant
• Experience operating through or with an agency setup (ideal)
• Familiarity with ISO 27001, NIST, SOC 2 compliance standards
• Ability to lead cross-functional audit and compliance efforts across departments
  
  
  
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Transportation, Logistics, Supply Chain and Storage

Referrals increase your chances of interviewing at Soum by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

We are looking for a virtual cybersecurity or compliance expert to guide our security posture, particularly as we move into regulated spaces like auto-financing. The role is ideal for someone with extensive regulatory familiarity and previous experience operating in a strategic advisory capacity.

• Lead compliance audits aligned with KSA regulations , especially SAMA frameworks
• Review and implement data security strategies across departments
• Support regulatory submissions and responses for fintech operations
• Oversee documentation and data protection practices
• Coordinate with product and legal teams to maintain standards

• Saudi national6+ years experience
• Deep understanding of SAMA regulatory requirements and KSA cybersecurity law
• Prior role as vCISO or senior security/compliance consultant
• Experience operating through or with an agency setup (ideal)
• Familiarity with ISO 27001, NIST, SOC 2 compliance standards
• Ability to lead cross-functional audit and compliance efforts across departments