223 Security Testing jobs in Saudi Arabia

Who are we?

Qarbon IT is a dynamic team of technology enthusiasts. We create advanced, personalized digital solutions that reach customers all over the world. We currently have over 70 specialists, including Data Scientists, Java developers, JS developers, and mobile app developers. Our mission is to engage the best professionals in projects that not only inspire but also allow you to grow in the latest technologies.

Sounds good? Great, because we are looking for a
Security Engineer (Aware of Saudi Cloud Regulations)
to join our team

How do we work?

on a B2B contract,

100% remote.

Your Responsibilities

• Conduct security assessments and penetration tests.
• Implement and manage security tools and protocols.
• Ensure compliance with industry security standards and Saudi Cloud regulations.
• Maintain security of AI models (Guard Rails).

What We Are Looking For

• Minimum 5 years of experience as a Security Engineer or in a similar role.
• Strong expertise in application and infrastructure security.
• Experience in security assessments and cloud security.
• Knowledge of AI Models Security (Guard Rails).
• Familiarity with Saudi Cloud regulations is highly desirable.
• Independent and proactive, while being a strong team player.
• Proficiency in English at B2 level.

Submit your CV via the form.

We are waiting for you

Role Purpose

We are seeking a skilled DevSecOps Engineer to design, implement, and manage secure software delivery practices. The role focuses on integrating security into CI/CD pipelines, automating testing, and ensuring compliance with industry standards while collaborating across IT, operations, and audit teams.

• Onboard and integrate projects into the DevSecOps tool chain.
• Design and implement secure software delivery practices.
• Automate security testing in CI/CD pipelines to improve efficiency and reliability.
• Develop and maintain security tools and automation scripts.
• Create and tune DevSecOps security policies.
• Collaborate with operations, compliance, and audit teams to meet security requirements.
• Conduct vulnerability assessments using SAST, DAST, and IAST tools.
• Generate CIS benchmark compliance reports and follow up on resolution.
• Support encryption strategies (KMS, SSL/TLS, digital certificates, crypto policies).
• Monitor and analyze security events through SIEM (QRadar).
• Provide support for endpoint protection (EDR) and operational control.

• Bachelor’s degree in Computer Science, IT, or related field.
• 4–6 years of experience in DevSecOps, Qradar, Application Security, or related roles.
• Hands-on expertise with SAST, DAST, IAST Seeker, SCA, and RASP tools.
• Experience with Sonatype Nexus-IQ and Synopsys Coverity.
• Strong scripting skills (Python, Bash, PowerShell).
• Familiarity with Agile/DevOps methodologies.
• Knowledge of compliance standards (CIS, NIST, ISO).
• Strong problem-solving, collaboration, and communication skills.

What We Need

Oivan is looking for a Senior Network Security Engineer, preferred with experience in F5, PaloAlto and Fortinet security products such as WAF and NGFW

The candidate will implement and maintain network and security on IaaS cloud mainly Openstack. He should oversee network configuration, FW roles, IPSec and various VPN technologies. Oivan is looking for a passionate network and security engineer to join our talented pool of resources, with at least 5 years of experience in managing and troubleshooting network / security infrastructure

You will work as operation and Level-2 support engineer to fulfill daily requests coming from different internal departments and communicate with vendors and services providers for Level-3 support incidents

You will be based on-site at our customer’s premises in Riyadh, KSA.

• Design, plan, and implement secure network topologies using multivendor technologies (Cisco, Palo Alto, etc.).
• Implement and manage perimeter security controls and solutions based on the Cybersecurity department recommendations:
• WAN and LAN security
• Site to site VPN and remote VPN access
• Implementing firewall policies and threat protection
• Security upgrades, patching, configuration backup

• Experience in implementation and management of network technologies and services:
• DNS, DHCP, SYSLOG and IP address management and route optimization
• SNMP and xFlow, AAA, RADIUS and authentication platforms
• IGP (RIP, OSPF…), BGP, gateway redundant protocols such as VRRP
• L2 Ethernet switching network based on Cisco technology: Access and core, port-channel and trunk ports, uplink and access, VLANs, STP flavors and other loop-prevention technologies
• Wireless access point design, configuration and troubleshooting

• Providing level 2 support for access, core and perimeter infrastructure:
• Monitoring KPIs for network and security physical and virtual appliances such as CPU, memory, link utilization, response time and throughput, and maintain the agreed level of operation health
• Security controls implementation, auditing and monitoring
• Incident handling, problem troubleshooting and reporting
• Experience in providing Level2 support, incident handling and root cause analysis reporting
• Continuously monitor web traffic and application behavior to detect, analyze, and respond to threats—leveraging both traditional network tools and application-layer firewalls.

• Managing the relation with vendors and service providers, support contract discussion and renewal, SLA tracking, and issues escalation
• Evaluate and remediate vulnerabilities related to web application threats (e.g., OWASP Top Ten), leveraging virtual patching and rapid policy adjustments when needed.
• Deploy network segmentation and policy enforcement strategies, ensuring defense-in-depth across layers through segmentation, VPNs, and secure remote access architectures.
• Leverage automation and scripting (e.g., Python, RegEx) for deployment, monitoring, and rule management of WAF and network security infrastructure.

• Bachelor Degree in Computer Science / Network Engineering / Electronics or Equivalent qualification. Experience.
• Minimum 5 years of working experience in the same role
• Preferably Cisco Certified Professional (CCNP, CCSP)
• Good communication, interpersonal skills, self-motivated team player, capable of working with minimal supervision. Good service-oriented manner & Efficient problem solver
• Hands-on with multiple WAF platforms and deep knowledge of web application security.
• Familiarity with firewall configuration, network protocols (TCP / IP, HTTP / S), and related security services.
• Familiarity with IPSec, MPLS, and other VPN technologies and routing protocols
• Working onsite, Riyadh-Saudi Arabia

At Oivan, we appreciate different lifestyles and cultural backgrounds. We welcome diversity as a strength. We consider all applications equally regardless of race, color, ancestry, religion, national origin, age, citizenship, marital status, disability, orientation or gender identity. We strongly encourage individuals from groups traditionally underrepresented in tech to apply Oivan company culture is reflective of our core values. The decisions we make today influence our tomorrow. We are sincere in our responsibility towards our employees, customers and the environment. Fellowship unites us as an international community of thinkers and doers. Throughout our hiring process, you’ll have access to a broad representation of the Oivan team to get to know us as we learn about you.

By submitting your application and CV, you provide explicit consent for us to handle and store your personal information in our HR information systems. We assure you that all data processing activities will strictly adhere to the data protection and privacy regulations applicable in Saudi Arabia. Your information will be treated with the utmost confidentiality and in compliance with the relevant local data protection laws.

Direct message the job poster from Tech Stations Co.

We are seeking an experienced IT security professional to manage and enhance the security of our systems for a 2-year project. The ideal candidate will have strong expertise in network security, endpoint protection, identity and access management, and threat detection. This role is critical to ensuring the overall security, integrity, and resilience of our IT environment throughout the duration of the project.

Key Responsibilities:

• Manage Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF) .
• Implement Network Access Control (NAC) and Sandboxing solutions.
• Manage and monitor network traffic using Network Detection and Response (NDR) and Intrusion Prevention Systems (IPS) for proactive threat detection.
• Deploy and maintain Data Loss Prevention (DLP) systems.
• Configure and manage Proxy servers for enhanced security.
• Operate and maintain Security Information and Event Management (SIEM) systems.
• Implement and manage Endpoint Detection and Response (EDR) and Mobile Device Management (MDM) solutions.
• Administer Database Activity Monitoring (DAM) tools.
• Operate and maintain Identity and Access Management (IAM) and Privileged Access Management (PAM) systems.
• Ensure the effective use of antivirus and endpoint security solutions.

Required Qualifications:

• Bachelor’s degree in Information Security, Computer Science, or a related field .
• Minimum 5 years of experience in security operations and systems management .
• Strong expertise in firewalls, network security, endpoint protection, and access management .
• Experience working with security tools such as NGFW, WAF, NAC, NDR, DLP, IPS, Proxy, SIEM, EDR, MDM, DAM, IAM, PAM , and antivirus solutions.
• Relevant professional certifications such as:
• CCSP (Certified Cloud Security Professional)

• Seniority level: Mid-Senior level
• Employment type: Contract
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Overview

The Cybersecurity Engineer is responsible for safeguarding IT infrastructure, systems, and data from internal and external threats. This role supports IT Manager responsibilities by implementing security controls, performing risk assessments, managing cybersecurity tools, and ensuring compliance with NCA, ISO 27001, and company policies. The position ensures confidentiality, integrity, and availability of enterprise systems while aligning with the company's digital transformation goals.

Academic and professional qualifications:

• Bachelor's degree in Information Security, Computer Science, or a related technical field.

Professional Certifications:

• CISSP (preferred)
• CEH (required)
• CompTIA Security+ (required)
• Windows 10, 11, 21, 23

Experience:

• 5 to 7 years in cybersecurity or network security roles.
• Hands-on experience with firewalls, antivirus, SIEM, and endpoint protection.
• Familiarity with Saudi NCA Essential Cybersecurity Controls (ECC).

Technical Skills:

• Incident response and digital forensics
• Vulnerability scanning tools (e.g., Qualys, Nessus)
• SIEM and log correlation (e.g., Splunk)
• Threat intelligence and reporting
• Encryption, DLP, email security gateways

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting

Responsibilities

1. Assess and secure cloud architectures (public, private, or hybrid) to ensure compliance with internal and regulatory policies.


2. Perform cloud-specific security risk assessments and identify areas for improvement.


3. Review cloud services and configurations to meet standards such as NCA ECC, NIST, and CIS benchmarks.


4. Collaborate with DevOps and cloud infrastructure teams to embed security controls and policies.


5. Provide technical input on cloud security tools, IAM policies, encryption, and monitoring.


6. Contribute to compliance audits, prepare cloud security reports, and implement security baselines.


7. Conduct structured knowledge transfer and create technical documentation for internal teams.

• Nationality: Saudi


• Experience: At least 2 years in cloud security engineering.


• Cloud Platforms: Hands-on experience with AWS, Azure, or GCP security services.


• Familiarity with NCA ECC, NIST SP 800 series, CIS Benchmarks.


• Proficiency in securing IaaS, PaaS, and SaaS environments.


• Understanding of IAM, cloud firewalls, encryption, and compliance monitoring tools.


• Skills: Strong collaboration, communication, and risk analysis capabilities.

Join to apply for the Network Security Engineer role at DXC Technology .

• Assist in security assessments, audits, and vulnerability scans, providing detailed reports and recommendations.
• Monitor security events and incidents, escalating and responding to threats as necessary.
• Support policy implementation, ensuring that security policies are understood and followed.
• Collaborate with the security team to maintain and update security documentation.
• Contribute to incident response activities, assisting with investigations and documenting findings.
• Provide input into security strategy and risk management processes.
• Stay informed about security trends and best practices.
• Contribute to security awareness training for employees.

• Assist in security assessments, audits, and vulnerability scans, providing detailed reports and recommendations.
• Monitor security events and incidents, escalating and responding to threats as necessary.
• Support policy implementation, ensuring that security policies are understood and followed.
• Collaborate with the security team to maintain and update security documentation.
• Contribute to incident response activities, assisting with investigations and documenting findings.
• Provide input into security strategy and risk management processes.
• Stay informed about security trends and best practices.
• Contribute to security awareness training for employees.

• Bachelor's degree in a relevant field or equivalent combination of education and experience.
• Typically, 5+ years of relevant work experience in industry, with a minimum of 2 years in a similar role.
• Proven experience in information security analysis.
• Proficiencies in security technologies and risk assessment.
• A continuous learner that stays abreast with industry knowledge and technology.

• Advanced degree in a relevant field is a plus.
• Relevant certifications such as CompTIA Security+, CEH, or equivalent are a plus.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. DXC does not make offers of employment via social media networks and never asks for any money or payments from applicants at any point in the recruitment process.

Overview

Direct message the job poster from NuSummit Cybersecurity

We are seeking an experienced Senior SailPoint IdentityIQ (IIQ) Developer to join our cybersecurity and identity governance team in KSA . The ideal candidate will bring deep expertise in SailPoint IIQ implementation, customization, and integration across complex enterprise environments. This role will be pivotal in strengthening the organization’s identity and access management (IAM) capabilities, ensuring compliance with regional and global security standards, and driving automation and operational efficiency.

• Solution Design & Development – Lead the design, configuration, and development of SailPoint IIQ solutions to support business and compliance requirements.
• Develop custom workflows, rules, and plugins, including UI aspects, to enhance user experience and automation.
• Customize and extend IIQ APIs to meet complex business use cases.
• Implement connectors and adapters (Web Services, JDBC, Active Directory, SAP, Exchange, SAP GRC, and multi-system adapters).

• System Implementation & Integration – Deliver large-scale enterprise SailPoint projects with High Availability (HA) and Disaster Recovery (DR) architecture setup.
• Execute and manage SailPoint IIQ version upgrades and ensure smooth transition.
• Integrate IIQ with enterprise applications and databases to ensure seamless IAM processes.

• Governance & Compliance – Design and implement account and access review processes (recertification) aligned with internal audit, regulatory, and compliance requirements in KSA.
• Manage and monitor policy violations and enforce remediation processes.
• Support compliance initiatives relevant to the KSA market, such as SAMA cybersecurity framework, NCA ECC, and global IAM standards.

• Operations & Troubleshooting – Provide advanced problem-solving and troubleshooting support for IIQ platform issues.
• Monitor system health and performance, ensuring availability and efficiency.
• Create technical documentation and standard operating procedures for ongoing IAM operations.

• 4 To 9 years of hands-on experience in SailPoint IIQ development and implementation .
• Proven experience in enterprise-scale deployments with HA/DR architecture.
• In-depth knowledge of Active Directory, Exchange, SAP systems, SAP GRC integration, and database connectors .
• Strong understanding of identity lifecycle management, provisioning, and governance models .
• Excellent skills in building and deploying custom workflows, complex rules, and policies .
• Exposure to policy violation management, recertification processes, and compliance-driven IAM .
• Strong problem-solving, analytical, and troubleshooting skills.
• Excellent business communication and documentation skills, with proficiency in writing technical and business emails.

Kindly share your resume on

Immediate and early joiners will be preferred.

Riyadh, Saudi Arabia

Referrals increase your chances of interviewing at NuSummit Cybersecurity.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

About Us

At Mapa, we're a globally recognized engineering and construction company with a footprint that extends across three continents. Our unwavering commitment to excellence and relentless pursuit of quality and performance have set us apart as industry leaders. We're at the forefront of innovation in the engineering and construction landscape, redefining boundaries and consistently raising the bar for excellence.

As a Cyber Security Specialist/ Engineer at Mapa, you will support the implementation and maintenance of our IT systems in the dynamic environment of KSA. You will work closely with cross-functional teams to ensure smooth day-to-day operations, assisting in troubleshooting, system updates, and user support. With a focus on learning and growth, you will help ensure the reliability and security of our IT infrastructure while contributing to the achievement of project goals within established timelines and budgets.

• Cybersecurity: Training and supporting employees on best practices for cybersecurity awareness.
• Ensuring compliance with cybersecurity policies, standards, and regulatory requirements (e.g., ISO 27001, GDPR, KVKK).
• Monitoring logs and alerts from SIEM and cybersecurity tools to detect and respond to threats.
• Managing and maintaining firewalls, antivirus software, intrusion detection/prevention systems, and other security solutions.
• Conducting regular security audits, vulnerability assessments, and penetration tests.
• Implementing and monitoring security measures to protect systems, networks, and information.
• Daily Operations Management: Controlling daily operations, including server hardware, software, and operating systems.
• Technology Coordination: Coordinating technology installations, upgrades, and maintenance.
• Hardware & Software Selection: Selecting new and replacement hardware and software when necessary.
• System Testing & Troubleshooting: Testing, troubleshooting, and modifying information systems to ensure effective operation.
• Performance Reporting: Generating performance reports for operating systems.
• Risk Assessment & Disaster Recovery Planning: Evaluating technology risks to develop network disaster recovery backup plans.
• Technology Awareness: Remaining up to date with advances in technology and industry best practices.
• Systems & Network Administration: Managing systems and network administration tasks.
• Desktop & Application Support: Providing support and troubleshooting for desktops and applications.

• Educational Background: Bachelor's degree, preferably in Industrial Engineering, MIS, Computer Engineering, Electronics Engineering, or a related field.
• Work Experience: Minimum of 3 years of work experience in similar positions.
• Compliance Knowledge: Experience with ISO 27001, COBIT, ITIL, and PCI-DSS.
• Technical Certifications: Possession of a recognized Cyber Security Certification (e.g., CEH, CISSP, CISM, CompTIA Security+) is mandatory. Additional technical certifications such as MCSA/MCSE, CCNA/CCNP, ITIL, or equivalent certificates are advantageous.
• Networking Experience: Experience with computer networks, network administration, and network installation.
• Software Proficiency: Proficient in Microsoft Windows software, including server, Office, and Exchange.
• Organizational Skills: Highly organized and detail-oriented.
• Analytical & Problem-Solving Skills: Excellent analytical and problem-solving skills.
• Flexible Work Environment: Ability to work flexible hours.
• Risk Assessment Knowledge: Knowledge of Risk Assessment and Risk Treatment methodologies.
• Regulatory Compliance Knowledge: Knowledge of regulations such as KVKK and GDPR.
• IT Security Knowledge: Knowledge of core IT processes and the security of operating systems and network infrastructure.
• File System Understanding: Strong understanding of file system artifacts within a variety of operating systems.
• Security Technologies Experience: Knowledge and experience in security products and technologies (SIEM, Firewall, IPS/IDS, Antivirus, EDR, DLP, WAF, etc.).
• Malicious Activity Detection: Experience in the detection and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices.
• Language Proficiency: Excellent command of both written and oral English.
• Travel Flexibility: No restrictions on travel.