90 Security Lead jobs in Saudi Arabia

By contacting us you agree with the storage and handling of your data by this website.

Location

Riyadh, Saudi Arabia

Experience
5+ years

Send Your CV To

Job Description
Key Responsibility Areas – Security Lead (L3) – SOC

• Security Incident Leadership Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting.
• Operational Oversight Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers.
• Technical Expertise Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools.
• Threat Detection and Hunting Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time.
• Process & Playbook Management Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes.
• Customer Engagement Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support.
• Collaboration and Mentorship Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts.
• Continuous Improvement Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity.
• Documentation and Reporting Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting.

Apply Now

Location

Riyadh, Saudi Arabia

Experience
5+ years

Send Your CV To

Eurocontrolli, established in 1994, is an international System Integrator with a team of over 100 skilled professionals based across our locations in Italy, the UAE, and Saudi Arabia. We specialize in the design and delivery of integrated Telecoms, Security, and Fire & Gas detection and suppression systems, serving both the Oil & Gas and Commercial sectors. Our extensive range of services encompasses Engineering, Design, Procurement, Project Management, Inspection, Logistics, Transport & Delivery, Commissioning, SAT & PAT, Training, and ongoing Maintenance.

Your Professional Opportunity

We are seeking a highly skilled
HCIS Security Engineer
to
join immediately
our office in
Al-Khobar
, to ensure full compliance of the projects being delivered by Eurocontrolli with the
High Commission for Industrial Security (HCIS)
regulations in the Kingdom of Saudi Arabia. The ideal candidate will be responsible for the design, review, implementation, and auditing of security systems and policies in accordance with HCIS guidelines. The role involves continuous coordination with HCIS consultants, internal stakeholders, and contractors to ensure that all phases of security planning and implementation meet regulatory and operational standards.

Key Responsibilities for this Role Include:

• Compliance & Documentation

Review and interpret HCIS guidelines, circulars, and updates.

Ensure all physical and electronic security designs, implementations, and upgrades comply fully with the latest HCIS regulations.

Prepare and submit required documentation to HCIS consultants and government authorities.

• Design & Engineering

Assist in the design and integration of physical security systems including CCTV, ACS, IDS, perimeter protection, and control room infrastructure.

Support design review meetings, drawings, and technical submittals in line with HCIS templates and workflows.

• Project Implementation

Coordinate with engineering, construction, and commissioning teams to ensure smooth implementation of HCIS-compliant security measures.

Conduct field inspections and ensure site implementation aligns with approved HCIS security designs.

• Stakeholder Engagement

Serve as the primary liaison between the company and assigned
HCIS consultants
throughout all project phases.

Participate in meetings with HCIS authorities and represent the organization in technical discussions and site audits.

• Risk Assessment & Gap Analysis

Conduct security risk assessments and develop mitigation plans aligned with HCIS requirements.

Identify and address compliance gaps in ongoing and upcoming projects.

• Training & Awareness

Provide internal training and awareness sessions to teams regarding HCIS policies, procedures, and compliance obligations.

This role requires a highly organized and proactive individual capable of successfully delivering site activities in a challenging work environment.

Requirements for the Position:

• Bachelor's degree in Electrical Engineering, Security Engineering, or a related discipline.
• Minimum
  5 years of experience
  in security systems engineering, with at least
  3 years working directly on HCIS-compliant projects
  in Saudi Arabia.
• Strong understanding of
  HCIS 2017 regulations
  and related documentation (Part 1-7, Technical Requirements, and Appendices).
• Proven experience in coordinating with
  HCIS-accredited consultants
  .
• Profound knowledge of Security Systems, such as Access Control, Intrusion Detection, CCTV, ANPR, etc.
• Experience in Site surveys, Installation Supervision, Commissioning, SAT and Training
• Capable of leading meetings with clients' engineering and onsite operators
• Effective problem-solving capabilities.
• Availability to work at at site, for medium to long periods
• Competent in Microsoft Office applications, particularly Word and Excel, and PowerPoint.
• Fluency in English (written and spoken) is essential.
• Arabic proficiency is considered a plus

Certifications (Preferred):

• PSP (Physical Security Professional)
• CPP (Certified Protection Professional)
• Vendor certifications (Genetec, Honeywell, Bosch, etc.)

What We Offer:

• Inclusion in a fast-growing, international company
• Competitive Salary, in line with the current experience of the candidate
• Support for career developmet

Leading the future in luxury electric and mobility

At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.

We plan to lead in this new era of luxury electric by returning to the fundamentals of great design – where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.

Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we’re providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

We are currently seeking a Senior Security Engineer . You will serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls. Our ideal candidate exhibits a can-do attitude and approaches his or her work with vigor and determination. Candidates will be expected to demonstrate excellence in their respective fields, to possess the ability to learn quickly and to strive for perfection within a fast-paced environment.

• Participate in and coach the Security Operations & Incident Response
• Develops and maintains access control rules
• Serve as a security expert in network, application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls.
• Work closely with software and data engineers to ensure adequate security solutions are in place throughout all systems.
• Conduct periodic training and knowledge transfer sessions for external/internal department staff and business partners
• Manage and update the InfoSec risk model, and in coordination with other functional teams
• Serve as a trusted advisor to business functional areas and internal IT resources
• Ensure that business and technical requirements are aligned to policy and are implemented within regulatory and contractual compliance. Advocate for cyber risk mitigation during planning sessions and implementation of new services
• Contribute to the development and maintenance of the information security strategy
• Plan, design and build of enterprise scale security architectures.
• Monitor cyber-security requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices
• Perform technical security assessments, code audits and design reviews
• Advocate security and secure practices throughout the company
• Be involved in offensive security exercises
• Respond immediately to cyber security related incidents and provides a thorough post-event analysis
• Utilize the skills, knowledge, and competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtime
• Security configuration, audit, and management of applications and databases
• Leads identification and proposes remediation of vulnerabilities
• Maintains user lists, passwords, encryption keys, and other authentication and security-related information and databases

• Bachelor’s degree in engineering, information security or IT-related matter or equivalent experience
• 15+ years working experience in high-level technical Security Technologies
• Hands on experience in F5 Big-IP, Palo Alto, Infoblox, & Cisco
• Understanding and practical experience Network design and architecture, Cloud based services (PaaS, IaaS, SaaS), Virtualization / Containerization, Mobile security (MDM, MAM), Encryption / PKI, Database security, Application/ API security, Identity Management (IDM)
• Understanding of software development principles.
• Proficiency in several security technologies including data loss prevention, encryption, cloud access security brokers, identity and access management, micro-segmentation, multi-factor authentication, endpoint protection, SIEM and perimeter defenses
• Experience working across the full stack of enterprise security tools to include everything from the physical layer to the application layer
• Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures
• Experience leading compliance assessments of relevant cybersecurity frameworks
• Experience conducting daily Security Operations Center triage and research
• Applied experience with many of the following technologies/roles: Privileged Account Management, Web filtering, Web Application Firewalls, Encryption-at-rest, and encryption-in-transit, Advanced endpoint protection, Vulnerability Management
• Experience responding to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail required.
• Strong, applied knowledge of security practices and methodologies, security controls and architecture including the use of intrusion detection/prevention and other defenses.
• Experience implementing DoD and Federal IA Assessment and Authorization (A&A) processes, IA controls and developing and maintaining associated documentation.
• Experience with security features and/or vulnerability of various operating systems as defined by NIST, ISO27K & CIS.
• Experience with network and system security administration, including operating system security configuration and account management best practices for MS Windows, Red Hat Enterprise Linux, and CISCO Systems.
• Familiar with Program Protection Plan (PPP)
• Knowledge of applicable data privacy practices and laws
• Excellent knowledge of ITSM, ITIL standards and its processes
• Excellent communication and training skills
• Flexible work approach, based on the job requirements

Candidate from Saudi with technical background on Network/App Security, Leadership skills, Stakeholder Mgmt., Incident ownership, SAMA/NCA regulations experience.

Job Summary:

DXC is seeking an experienced Security Delivery Lead to manage and oversee a multidisciplinary security team supporting a major banking client in Saudi Arabia. The SDL will ensure the consistent delivery of security engineering, operations, and compliance services, aligned with SAMA CSF and NCA ECC requirements. The ideal candidate is a Saudi with
5–10 years
of security delivery/program leadership in regulated environments and strong executive communication, acting as the POC of accountability for security delivery to the client, driving maturity, closing vulnerabilities, and ensuring SLA/KPI compliance.

Key Responsibilities:

• Lead and manage a multi-domain security team (F5, Network, PAM/IAM/PKI, Data/Endpoint, Compliance).
• Act as primary point of contact for client stakeholders for all security operations and delivery matters.
• Ensure high-quality delivery of services against agreed SLAs and KPIs.
• Oversee vulnerability management and drive proactive remediation with development and cyber teams.
• Lead incident response coordination, RCA, and reporting.
• Map and track compliance with
  SAMA CSF
  ,
  NCA ECC
  ,
  ISO 27001
  frameworks.
• Drive continuous improvement and security maturity in processes and reporting.
• Coordinate with multi-vendor resources and geographically dispersed teams.
• Provide regular dashboards, scorecards, and risk assessments to client and management.
• Mentor and support domain leads and engineers; foster collaboration across teams.

Desired Skills & Certifications:

• Professional: CISSP, CISM, CISA, CRISC, PMP, ITIL.
• Vendor: F5, Palo Alto, CyberArk, SailPoint, Forcepoint
• Familiarity with ITIL, ServiceNow, JIRA, or similar delivery tools.

Working Conditions:

• Based on-site at client premises in Riyadh.
• Full-time, Sunday to Thursday, with availability for escalations/incidents.
• Long-term engagement with potential for extension based on performance.

Leadership & Delivery Skills:
Cybersecurity Domain Knowledge (broad, not deep SME)

• Proven track record in delivery/project/program management within security or regulated environments
• Team leadership across multiple domains: F5/Application Security, Network, IAM/PKI, Data & Endpoint, Compliance
• Strong stakeholder management (executives, regulators, auditors, vendors)
• Incident leadership: chairing war rooms, RCA ownership, escalation handling
• Experience with multi-vendor and geographically dispersed teams
• Communication & reporting skills (executive dashboards, SLA/KPI scorecards)
• Network Security: firewalls (Palo Alto, Cisco, Fortinet), SSL inspection, DDoS (Arbor), IPS, email security gateways

Purpose of Job
Jobholders at this level are experienced professionals capable of conducting work with general directions. They are primarily concerned with developing solutions to challenges which require some analysis to understand and resolve, and addressing issues escalated from junior levels. They undertake complex operational activities including assisting in setting information security policies and standards, developing related processes, developing information security, governance, risk and compliance programs, reviewing cybersecurity assessment results and develop accordingly needed mitigation plan, monitoring cybersecurity risk register, following-up on the implementation and recommending improvement actions, recognizing patterns and cases of noncompliance with cybersecurity policies, and identifying gaps and recommend areas of improvement.

Job Responsibilities
Information Security Governance

• Set information security policies, standards and develop accordingly related processes ensuring alignment with cybersecurity regulatory requirements
• Design information security procedures and frameworks to ensure consistency in the implementation of security control
• Develop information security, governance, risk and compliance programs for effective management of IT and security risks meeting compliance requirements
• Prepare cybersecurity awareness programs and develop education plan including workshops, seminars, etc. regarding standards, policies and governance processes foster attentiveness and knowledge in cybersecurity topics across ZATCA's employees

Information Security Risk Management

• Conduct cybersecurity risk assessment to identify potential risks and related daily changes initiating the development of needed mitigation plan
• Develop risk mitigation plan and remediation plan to effectively manage risk in accordance with ZATCA's risk appetite
• Manage cybersecurity risks and risks register to identify, log and track potential risks ensuring compliance with cybersecurity standards and governance policies and procedures
• Follow-up on the implementation of corresponding mitigating controls as per set plan ensuring update of risk register
• Conduct risk assessment for the identified non-conformities during security audits and recommend accordingly needed improvement action for protection and detection capabilities

Information Security Compliance

• Perform information security audit, semiannually assessment against NCA and annually assessment against ISO 27001 to recognize patterns and cases of non-compliance with cybersecurity policies and recommend accordingly areas of improvement
• Manage non-compliance cases improving business process and operations by supporting external assessments against NCA framework
• Develop periodic report consolidating the status of information security compliance and report it with regulates (ISO 27001 & NCA)

Organization and Operations

• Follow all relevant policies, processes and standard operating procedures so that work is carried out in a controlled and consistent manner
• Help in solving escalated problems and provide needed support for junior team to ensure work is carried out in an efficient manner
• Escalate complex problems to the relevant person to ensure cases/issues are closed properly
• Perform other duties as requested

People Management

• Train junior staff on the different job activities to ensure transfer of know-how, when applicable
• Provide clear direction, prioritize tasks, assign and delegate responsibility, and monitor the workflow of subordinates/ junior staff
• Support junior staff or direct reports in order to execute their duties according to set policies and processes

Education
Bachelor's degree in Science in Cybersecurity or equivalent is required

Experience
A minimum of 4 years of relevant experience

Competencies
Collaboration and Communication - Developing

IT Operations Management - Proficient

Professionalism - Proficient

Project Management - Proficient

Results Oriented - Proficient

IT Compliance - Advanced

Information Security - Proficient

Customer Focus - Proficient

Enablement of Change and Innovation - Developing

Vendor Management - Proficient

Cybersecurity Incident and Investigation - Proficient

Who Are We

We Are Foodics a leading restaurant management ecosystem and payment tech provider. Founded in 2014 with headquarters in Riyadh and offices across 5 countries, including UAE, Egypt, Jordan and Kuwait. We are currently serving customers and partners in over 35 different countries worldwide. Our innovative products have successfully processed over 6 billion (yes, billion with a B) orders so far making Foodics one of the most rapidly evolving SaaS companies to ever emerge from the MENA region. Also, Foodics has achieved three rounds of funding, with the latest raising $170 million in the largest SaaS funding round in MENA, boosting its innovation capabilities to better serve business owners.

The Job in a Nutshell

The Cybersecurity GRC lead will be responsible for developing and implementing Cyber Security policies, standards, and procedures in alignment with regulatory requirements such as SAMA and best practices. Collaborate with stakeholders to prioritize and implement risk mitigations. And Recommend improvements to enhance the overall security posture.

What you will do

• Develop and implement a comprehensive cybersecurity strategy aligned with the company's business objectives.
• Evaluate emerging security technologies and recommend investments to enhance the organization's security posture.
• Identify, assess, and mitigate cybersecurity risks and vulnerabilities across the IT infrastructure.
• Conduct regular risk assessments and configuration reviews to ensure the effectiveness of security measures.
• Ensure compliance with regulators like SAMA and NCA.
• Facilitate training sessions to improve security awareness across the organization.
• Work closely with IT, legal, and compliance teams to address security requirements in projects and systems.

What Are We Looking For

• Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is a plus.
• 3 years of experience in cybersecurity GRC, technical experience is a plus.
• Strong knowledge of cybersecurity frameworks such as SAMA CSF, NCA ECC, ISO 27001, or CIS Controls.
• Relevant certifications such as CISSP, CISM, CRISC, or similar will be a plus
• Excellent problem-solving and decision-making abilities.
• Strong leadership and project coordination.
• Effective communication skills to convey regulatory and CS requirements to stakeholders

What We Offer You

We believe you will love working at Foodics

• We offer highly competitive compensation packages, including bonuses and the potential for shares.
• We prioritize personal development and offer regular training and an annual learning stipend to tackle new challenges and grow your career in a hyper-growth environment.
• Join a talented team of over 30 nationalities working in 14 countries, and gain valuable experience in an exciting industry.
• We offer autonomy, mentoring, and challenging goals that create incredible opportunities for both you and the company.

Job Description
Key Responsibilities:

• Lead and manage a team comprising:
• Security Compliance Officer
• L2/L3 F5 Application Security Engineers
• Lead Network Security Engineer
• L3 Network Security Engineer
• L2 Network Security Engineers
• L3 IAM & PKI Engineer
• L2 IAM & PKI Engineers
• L3 Data and Endpoint Security Engineers
• L2 Data and Endpoint Security Engineers
• Act as the primary point of contact for client stakeholders for all security operations and delivery matters.
• Ensure consistent, high-quality delivery of security services as per the agreed SLAs and KPIs.
• Coordinate and manage team schedules, deliverables, and performance reviews.
• Lead incident response coordination, RCA (Root Cause Analysis), and reporting efforts when required.
• Oversee compliance with internal security policies, client security policies, and relevant regulatory frameworks (e.g., SAMA, NCA ECC).
• Drive continuous service improvement and operational efficiency across all security disciplines.
• Facilitate knowledge transfer, mentoring, and skill development within the team.
• Provide regular delivery updates, risk assessments, and reporting to client and internal management.
• Collaborate with other business units, project managers, and technology leaders to ensure integrated security support across the client's environment.

Required Qualifications

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership or delivery management role.
• Strong understanding of security domains: network, application, data, IAM, and endpoint security.
• Experience managing geographically dispersed teams and multi-vendor environments.
• Proven track record of delivering managed security services in banking or highly regulated environments.
• Saudi National Only

Desired Skills And Certifications

• Professional certifications such as CISSP, CISM, CISA, CRISC, PMP, or ITIL are highly desirable.
• Technical certifications across security platforms such as:
• F5 ASM, BIG-IP, or Advanced WAF
• Palo Alto, Cisco ASA/Firepower
• Microsoft, SailPoint, or similar IAM platforms
• Symantec, CrowdStrike, or Microsoft Defender
• Familiarity with regulatory frameworks such as SAMA Cybersecurity Framework, NCA ECC, and ISO 27001.
• Strong leadership, analytical, communication, and stakeholder engagement skills.
• Fluency in Arabic & English

Working Conditions

• Location: On-site at client premises in Saudi Arabia.
• Working Hours: Sunday to Thursday, full-time (typical business hours), with availability for escalations or incidents as needed.
• Duration: Long-term engagement, with potential for extension based on performance and client satisfaction.
• May require occasional travel within the Kingdom for coordination with branch offices or regulatory bodies.
• Compliance with local labor laws and client-specific security clearance procedures is mandatory.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We're committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available
here
.

Key Responsibilities:

• Lead and manage a team comprising:

• Security Compliance Officer

• L2/L3 F5 Application Security Engineers
• Lead Network Security Engineer
• L3 Network Security Engineer
• L2 Network Security Engineers
• L3 IAM & PKI Engineer
• L2 IAM & PKI Engineers
• L3 Data and Endpoint Security Engineers
• L2 Data and Endpoint Security Engineers
• Act as the primary point of contact for client stakeholders for all security operations and delivery matters.
• Ensure consistent, high-quality delivery of security services as per the agreed SLAs and KPIs.
• Coordinate and manage team schedules, deliverables, and performance reviews.
• Lead incident response coordination, RCA (Root Cause Analysis), and reporting efforts when required.
• Oversee compliance with internal security policies, client security policies, and relevant regulatory frameworks (e.g., SAMA, NCA ECC).
• Drive continuous service improvement and operational efficiency across all security disciplines.
• Facilitate knowledge transfer, mentoring, and skill development within the team.
• Provide regular delivery updates, risk assessments, and reporting to client and internal management.
• Collaborate with other business units, project managers, and technology leaders to ensure integrated security support across the client s environment.

Required Qualifications:

• Bachelor s degree in Information Security, Computer Science, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership or delivery management role.
• Strong understanding of security domains: network, application, data, IAM, and endpoint security.
• Experience managing geographically dispersed teams and multi-vendor environments.
• Proven track record of delivering managed security services in banking or highly regulated environments.
• Saudi National Only

Desired Skills and Certifications:

• Professional certifications such as CISSP, CISM, CISA, CRISC, PMP, or ITIL are highly desirable.

• Technical certifications across security platforms such as:

• F5 ASM, BIG-IP, or Advanced WAF

• Palo Alto, Cisco ASA/Firepower
• Microsoft, SailPoint, or similar IAM platforms
• Symantec, CrowdStrike, or Microsoft Defender
• Familiarity with regulatory frameworks such as SAMA Cybersecurity Framework, NCA ECC, and ISO 27001.
• Strong leadership, analytical, communication, and stakeholder engagement skills.
• Fluency in Arabic & English

Required Qualifications:

• Bachelor s degree in Information Security, Computer Science, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership or delivery management role.
• Strong understanding of security domains: network, application, data, IAM, and endpoint security.
• Experience managing geographically dispersed teams and multi-vendor environments.
• Proven track record of delivering managed security services in banking or highly regulated environments.
• Saudi National Only